CVE-2025-20286

Published Jun 4, 2025

Last updated 3 months ago

CVSS critical 9.9

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20286 is a vulnerability in the cloud deployments of Cisco Identity Services Engine (ISE) on Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). It stems from improperly generated credentials during the deployment process, causing different ISE deployments to share the same credentials if they use the same software release and cloud platform. This vulnerability only affects deployments where the Primary Administration node is hosted in the cloud. An attacker could exploit this vulnerability by extracting user credentials from a Cisco ISE instance deployed in the cloud and using them to access other ISE deployments across different cloud environments through unsecured ports. Successful exploitation could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.

Description
A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. This vulnerability exists because credentials are improperly generated when Cisco ISE is being deployed on cloud platforms, resulting in different Cisco ISE deployments sharing the same credentials. These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same. An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports. A successful exploit could allow the attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. Note: If the Primary Administration node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the Primary Administration node is on-premises, then it is not affected.
Source
psirt@cisco.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Primary
Base score
9.9
Impact score
5.3
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
Severity
CRITICAL

Weaknesses

psirt@cisco.com
CWE-259

Social media

Hype score
Not currently trending

  1. 🚨 Cisco ISE Cloud Flaw – CVE-2025-20286 (CVSS 9.9) Cloud-based ISE instances on AWS, Azure & OCI are vulnerable to unauthenticated access via static admin credentials. ⚠️ Full access to configs & data. 🛡️ Patch immediately. 📩 info@zoffec.com | 📞 +91 98

    @Zoffecinfotech

    17 Jul 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    10 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    10 Jun 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. ⚠️Vulnerabilidades corregidas en productos de Cisco ❗CVE-2025-20286 ❗CVE-2025-20261 ❗CVE-2025-20163 ➡️Más info: https://t.co/k2GbEB5KNW https://t.co/zimwCpBBEq

    @CERTpy

    9 Jun 2025

    732 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Recent research reveals vulnerabilities in popular #Chrome extensions leaking sensitive data and hard-coded API keys; #Cisco ISE's critical flaw (CVE-2025-20286) affects cloud deployments, urging users to patch promptly. More below: https://t.co/voHjswz1xc

    @NetizenCorp

    9 Jun 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    8 Jun 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  7. Cisco Patches Critical ISE Cloud Vulnerability (CVSS 9.9) CVE-2025-20286 https://t.co/bsTIoTCeg5

    @TechBeamsBlog

    8 Jun 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    8 Jun 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Critical @Cisco ISE Cloud Flaw Patched Shared credentials in cloud deployments (CVE-2025-20286) could let attackers in. PoC exploits confirmed — patch now! Details + mitigation steps 👇 https://t.co/vHJPE82Nw6

    @socradar

    7 Jun 2025

    206 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    7 Jun 2025

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. On June 4, Cisco released security patches to address a critical vulnerability (CVE-2025-20286) in its Identity Services Engine (ISE) platform, affecting cloud deployments on AWS, Microsoft Azure, and Oracle Cloud Infrastructure (OCI). https://t.co/VpLT4v1KwW

    @JadenJohnsNews

    6 Jun 2025

    74 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 Cisco's ISE is having a rough day! A critical cloud vulnerability (CVE-2025-20286) with a 9.9 CVSS score means your data might be more exposed than your last Zoom meeting! Stay safe out there! #CyberSecurity #Cisco #CloudVulnerability https://t.co/U0pl1DGy7b

    @windowsforum

    6 Jun 2025

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 A Vulnerability exists in Cisco Identity Services Engine (CVE-2025-20286). Please see the @ncsc_gov_ie advisory for further info: https://t.co/FJKBTkX8fi

    @ncsc_gov_ie

    6 Jun 2025

    139 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 ALERTĂ - CVE-2025-20286 afectează Cisco ISE în cloud (AWS, Azure, OCI). 🔓 Exploatarea permite acces neautentificat la instanțe și date sensibile. 🛡 Aplicați patch-urile Cisco și segmentați rețeaua! 🔗 Detalii: https://t.co/360AvhkmWy #DNSC #CyberSecurity

    @DNSC_RO

    6 Jun 2025

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Cisco has patched a critical vulnerability (CVE-2025-20286) in ISE impacting cloud deployments on AWS, Azure, & OCI. Attackers can exploit shared credentials to access data & disrupt services. Proof-of-concept is available. 🔒 #Cisco #Vulnerabilities https://t.co/v9CbFe

    @TweetThreatNews

    6 Jun 2025

    47 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  16. シスコ、AWS、Azure、Oracle Cloudでの認証情報脆弱性に警告(CVE-2025-20286) https://t.co/HqJo7Ydzmh #Security #セキュリティ #ニュース

    @SecureShield_

    6 Jun 2025

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2025-20286: PoC Available for Critical Cisco Identity Services Engine Static Credential Vulnerability https://t.co/tkUjHCLEYJ

    @Dinosn

    6 Jun 2025

    2151 Impressions

    2 Retweets

    9 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  18. Warning: @Cisco released patches for CVE-2025-20286, a critical flaw impacting @AmazonWebServices, @Azure & @OracleOCI cloud deployments of #CiscoISE. It allows remote, unauthenticated attackers to gain unauthorized access and disrupt services. #Patch now!https://t.co/N6XQy3I

    @CCBalert

    5 Jun 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. CVE-2025-20286: Cisco ISE Cloud Vulnerability Affects AWS, Azure and OCI #CiscoISE #CVE20252086 #CloudSecurity #Cybersecurity #AWS #Azure #OCI #VulnerabilityAlert #PatchNow #InfoSec https://t.co/IA92YqhrPm

    @cyashadotcom

    5 Jun 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Actively exploited CVE : CVE-2025-20286

    @transilienceai

    5 Jun 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. CVE-2025-20286 (CVSS 9.9): A critical static credential flaw affects Cisco ISE cloud deployments on AWS, Azure, and OCI (versions 3.1–3.4). Unauthenticated attackers could access data, alter configs, or disrupt services. Patch now. #Cisco #CVE2025 #IdentityServicesEngine http

    @CloneSystemsInc

    5 Jun 2025

    249 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. Cisco warns of ISE and CCP flaws with public exploit code Cisco has patched three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP). The most critical, CVE-2025-20286, affects cloud-based ISE deployments due

    @dCypherIO

    5 Jun 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Cisco has issued patches for a critical CVE-2025-20286 flaw in Cisco ISE affecting cloud deployments on AWS, Azure, and OCI. Static credential issues could allow attackers to access sensitive data or disrupt services. ⚠️ #CloudRisk #CiscoAlert https://t.co/rAi9oC7Qk3

    @TweetThreatNews

    5 Jun 2025

    113 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 🚨Alert🚨CVE-2025-20286:Cisco ISE Cloud Deployment Credential Vulnerability Enables Unauthorized Access 📊2K+Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/dGTzo2tgAp 👇Query HUNTER : https://t.co/q9rtuGgxk7="Cisco ISE" https://t.co

    @HunterMapping

    5 Jun 2025

    1837 Impressions

    6 Retweets

    30 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

  25. 🚨 Critical Cisco ISE flaw (CVE-2025-20286) hits cloud deployments (AWS, Azure, OCI)! Score: 9.9! 🤯 Static credentials shared across instances can lead to unauthorized access. Update ASAP & restrict traffic! #Cybersecurity #CiscoISE #CloudSecurity https://t.co/yiRDskU6C

    @fernandokarl

    5 Jun 2025

    93 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 📌 كشفت شركة سيسكو عن ثغرة أمنية خطيرة في محرك خدمات الهوية (ISE) تؤثر على النشر السحابي في AWS وAzure وOCI. تُصنف الثغرة، المعروفة برمز CVE-2025-20286، على أنها ثغرة اعت

    @Cybercachear

    5 Jun 2025

    82 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. Cisco warns of critical flaws in ISE and CCP with public exploit code. CVE-2025-20286 allows unauthenticated attackers to access cloud environments on AWS, Azure, or OCI. Patches issued to fix these vulnerabilities. 🔒🌐 #CloudSecurity #CiscoAlert https://t.co/MyYPwmpY8Q

    @TweetThreatNews

    4 Jun 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CVE-2025-20286 Cisco ISE Cloud Deployment Credential Vulnerability Enables Unauthorized Access https://t.co/ibRAnmUFtE

    @VulmonFeeds

    4 Jun 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. [CVE-2025-20286: CRITICAL] Vulnerability in cloud deployments of Cisco Identity Services Engine allows unauthenticated remote access, posing security risks on AWS, Microsoft Azure, and Oracle Cloud.#cve,CVE-2025-20286,#cybersecurity https://t.co/876madXhRH https://t.co/ugu2qgf6a4

    @CveFindCom

    4 Jun 2025

    117 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.