AI description
CVE-2025-20337 is a vulnerability in a specific API of Cisco ISE (Identity Services Engine) and Cisco ISE-PIC (ISE Passive Identity Connector). It could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker doesn't need any valid credentials to exploit this vulnerability. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit it by submitting a crafted API request. Successful exploitation could allow the attacker to obtain root privileges on an affected device. This affects Cisco ISE and ISE-PIC releases 3.3 and 3.4, regardless of device configuration.
- Description: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
- Source: psirt@cisco.com
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 10
- Impact score: 6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity: CRITICAL
- psirt@cisco.com
- CWE-74
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 51
⚠️ Weekly vuln radar. https://t.co/Cd6L8AD6Bt – spot what’s trending before it’s everywhere: CVE-2025-29824 CVE-2025-6543 CVE-2025-20337 CVE-2025-6558 (via @_clem1) CVE-2025-49144 CVE-2025-24985 CVE-2025-20274 CVE-2025-23266 (via @nirohfeld @shirtamari) CVE-2021-41773
@ptdbugs
18 Jul 2025
45 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerabilities in Cisco ISE (CVE-2025-20337), VMware, Oracle, and Fortinet demand immediate patching to prevent exploitation. Major cybercrime operations like Ryuk ransomware and global data breaches continue to evolve threats. #CiscoSecurity #… https://t.co/azFfED65p
@TweetThreatNews
18 Jul 2025
89 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨CVE-2025-20337: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. CVSS: 10 The attacker does not require any valid credentials to exploit thi
@DarkWebInformer
17 Jul 2025
6642 Impressions
24 Retweets
47 Likes
9 Bookmarks
1 Reply
0 Quotes
🚨 #Cisco's Identity Services Engine Hit by Maximum Severity Vulnerability: #CVE-2025-20337 Shocks Cybersecurity World https://t.co/suWg2SGYly
@UndercodeNews
17 Jul 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Cisco warns of critical ISE flaw (CVE-2025-20337, CVSS 10.0) allowing unauthenticated remote code execution as root. Affects ISE/ISE-PIC 3.3 & 3.4. Patch now: ISE 3.3 P7, 3.4 P2. Details: https://t.co/6BkhlHe5CI #Cybersecurity
@_F2po_
17 Jul 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨CRITICAL Cisco ISE vulnerability (CVE-2025-20337) allows pre-auth command execution! Unauthenticated attackers can store malicious files, execute code, and gain root. PATCH NOW! Details: [URL] https://t.co/1SYkOPsoQf
@fishpassenger
17 Jul 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine poses a severe risk by allowing unauthenticated attackers to execute arbitrary code. Despite the absence of reported exploitations so far, immediate action is recommended for all affected users to up...
@CybrPulse
17 Jul 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
A critical vulnerability (CVE-2025-20337) in Cisco ISE versions 3.3 and 3.4 allows unauthenticated remote code execution and root access. Immediate patching to ISE 3.3 Patch 7 or 3.4 Patch 2 is essential. #Cisco #CyberRisk #Japan https://t.co/xpKIZHUauE
@TweetThreatNews
17 Jul 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Cisco's Identity Engine Under Fire: Critical #CVE-2025-20337 Vulnerability Exposes Systems to Root Exploits https://t.co/mBr7i6MZry
@UndercodeNews
17 Jul 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cisco ISE Vulnerability Allows Unauthenticated Remote Root Code Execution Cisco has disclosed CVE-2025-20337, a critical vulnerability (CVSS 10.0) in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) versions 3.3 and 3.4. The flaw allows https:
@dCypherIO
17 Jul 2025
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability in Cisco's Identity Services Engine (ISE), identified as CVE-2025-20337, allows remote code execution with root privileges, scoring a CVSS of 10. Detecting and patching this flaw is crucial, as it poses serious risks to affected systems and remains cri...
@CybrPulse
17 Jul 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Critical #Cisco ISE Flaw (#CVE-2025-20337): Remote Root Exploit Without Authentication https://t.co/wLs4wGKiln Educational Purposes!
@UndercodeUpdate
17 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💥 New Cisco ISE flaw lets attackers run code as root — no login needed. The bug (CVE-2025-20337) scores a perfect 10.0. Just one crafted API call = full system takeover. Affected? Patch now or risk compromise. Details here → https://t.co/sbJ0dofqcX
@TheHackersNews
17 Jul 2025
13298 Impressions
57 Retweets
111 Likes
32 Bookmarks
0 Replies
5 Quotes
⚠️⚠️ CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately 🎯1.2k+ Results are found on the https://t.co/pb16tGYaKe nearly year 🔗FOFA Link: https://t.co/iMoCwvMv2z FOFA Query: app="CISCO-ISE" 🔖Refer: https://t.co/2XWWiWhzyP #OSINT #FOFA
@fofabot
17 Jul 2025
6354 Impressions
31 Retweets
87 Likes
33 Bookmarks
1 Reply
1 Quote
🚨Alert🚨: CVE-2025-20337 (CVSS 10.0): Critical Cisco ISE Flaw Allows Unauthenticated Root RCE 📊1K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link: https://t.co/dGTzo2sIKR 👇Query HUNTER: https://t.co/q9rtuGfZuz="Cisco ISE" 📰Refer: https://t.c
@HunterMapping
17 Jul 2025
2631 Impressions
14 Retweets
42 Likes
23 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-20337: CRITICAL RCE in Cisco ISE gives attackers root access—no auth needed! Patch ASAP to protect your network. 🔒 https://t.co/meyoLX0VMS #OffSeq #Cisco #RCE https://t.co/Fa3qmCD5HR
@offseq
17 Jul 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerabilities in Cisco ISE allow remote command execution with root privileges without authentication - CVE-2025-20281 - CVE-2025-20282 - CVE-2025-20337 - Severity score 10/10 - Immediate update for versions 3.3 and 3.4 is essential
@cyberscastx
17 Jul 2025
12218 Impressions
8 Retweets
98 Likes
92 Bookmarks
5 Replies
0 Quotes
📌 Cisco has disclosed a critical security vulnerability in the Identity Services Engine (ISE) that could allow unauthorized attackers to execute arbitrary code with elevated privileges. The
@Cybercachear
17 Jul 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical security flaw (CVE-2025-20337) in Cisco ISE & ISE-PIC enables code execution. Urgent patching advised. Visit: https://t.co/LwNGUnq8fv #Cisco #CyberSecurity
@threatlight
17 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-20337 (CVSS 10) hits Cisco ISE & ISE-PIC! Unauthenticated RCE vuln allows ROOT access via a simple API exploit—no creds needed! Search by vul.cve Filter👉vul.cve="CVE-2025-20337" ZoomEye Dork👉app="Cisco ISE" Over 2K vulnerable instances found on Zoom
@zoomeye_team
17 Jul 2025
1890 Impressions
12 Retweets
21 Likes
6 Bookmarks
0 Replies
0 Quotes
Cisco warns of a critical flaw (CVE-2025-20337, CVSS 10.0) in ISE allowing unauthenticated root RCE. Update ISE 3.3 (Patch 7) and 3.4 (Patch 2) immediately! #CiscoISE #RCE #Cybersecurity #PatchNow https://t.co/2CQFF9EnZX
@the_yellow_fall
17 Jul 2025
1785 Impressions
12 Retweets
24 Likes
4 Bookmarks
0 Replies
3 Quotes
CVE-2025-20337 A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating… https://t.co/eQ6PQUOHj7
@CVEnew
16 Jul 2025
123 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Here we go again ;,,,; 🟥 CVE-2025-20337, CVSS: 10.0 (#Critical, #Highest) Cisco ISE version 3.3 and 3.4 Vulnerability allows unauthenticated remote attackers to execute arbitrary code as root due to insufficient input validation. Cisco recommends upgrading to fixed release
@UjlakiMarci
16 Jul 2025
150 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF8B81A6-BF44-4E5F-B167-39F61DDCA026"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "56E0F0EC-3E66-4866-89F5-89B331F3F517"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E3E8937-2859-4A2A-91C0-05F674EF0466"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D23905E0-E525-49B1-8E5F-4EB42D186768"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74509498-38EF-4345-9583-CEF5C26CA1D8"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CA3315D-8A45-43F4-A0F0-094D325F285B"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3736136-9FD8-4B12-B119-EA15201224D9"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "654ED77E-22D3-4E76-9E6D-B1581F5982F0"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0648EE9-F042-479F-9AAB-C6B5DBC46511"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83F3BA58-4F38-41C8-956F-38A2F44EECE4"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C30FA1D-91E2-48C5-B181-A88FDF668278"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "768215B1-80B7-40FF-8772-BA4C0B3913F5"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC0525FD-C4D7-4B48-BF35-1791391AB148"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68C96F6B-51EE-4D03-9598-CBFD16DA22EF"
}
],
"operator": "OR"
}
]
}
]