AI description
CVE-2025-20343 is a vulnerability in the RADIUS setting "Reject RADIUS requests from clients with repeated failures" on Cisco Identity Services Engine (ISE). This vulnerability could allow an unauthenticated, remote attacker to cause the Cisco ISE to restart unexpectedly. The vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejected endpoint. An attacker could exploit this vulnerability by sending a specific sequence of multiple crafted RADIUS access request messages to Cisco ISE.
- Description
- A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejected endpoint. An attacker could exploit this vulnerability by sending a specific sequence of multiple crafted RADIUS access request messages to Cisco ISE. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when Cisco ISE restarts.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- identity_services_engine
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- psirt@cisco.com
- CWE-697
- Hype score
- Not currently trending
Cisco ISEに高深刻度のDoS 脆弱性(CVE-2025-20343) https://t.co/sVXRtSmNRA #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
11 Nov 2025
105 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨:CVE-2025-20343 : Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability 📊1.2K Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/dGTzo2sIKR 👇Query HUNTER : https://t.co/q9rtuGfZuz="Cisco ISE" https
@HunterMapping
10 Nov 2025
4037 Impressions
14 Retweets
49 Likes
13 Bookmarks
2 Replies
0 Quotes
High-Severity Cisco ISE Flaw (CVE-2025-20343) Allows Unauthenticated DoS via Crafted RADIUS Requests https://t.co/wwDCfVMDNx
@CrowdCyber_Com
9 Nov 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20343: Cisco Identity Services Engine RADIUS Suppression Denial of Serv https://t.co/dn7zWg9B1O https://t.co/A5JUkSQycd
@freedomhack101
7 Nov 2025
47 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-20343 (CVSS 8.6) — Cisco ISE DoS vulnerability via crafted RADIUS requests. 🎯1.2k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/sepwYVyBPu FOFA Query: app="CISCO-ISE" 🔖Refer: https://t.co/AotLhEvQ32 #OSINT
@fofabot
7 Nov 2025
1145 Impressions
4 Retweets
14 Likes
4 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-20343 (CVSS 8.6): A flaw in Cisco ISE's RADIUS feature lets remote, unauthenticated attackers restart the system, causing a DoS. Search by vul.cve Filter👉vul.cve="CVE-2025-20343" ZoomEye Dork👉app="Cisco ISE" Over 2.7k instances are exposed. ZoomEye Link: h
@zoomeye_team
7 Nov 2025
830 Impressions
3 Retweets
9 Likes
1 Bookmark
0 Replies
0 Quotes
Ciscoのネットワーク認証基盤「Identity Services Engine(ISE)」に深刻な脆弱性が発見され、企業の認証システム停止を招く恐れがある。未認証の遠隔攻撃者が特定設定を悪用し、ISEを強制再起動させる可能性があ
@yousukezan
7 Nov 2025
1094 Impressions
2 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en productos Cisco ❗CVE-2025-20354 ❗CVE-2025-20358 ❗CVE-2025-20343 ➡️Más info: https://t.co/IdJyxqi14q https://t.co/rxaEw0O0RT
@CERTpy
6 Nov 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-20343: HIGH] Vulnerability in Cisco ISE RADIUS setting could allow unauthenticated remote attackers to cause unexpected restarts. Ensure system security against such exploits.#cve,CVE-2025-20343,#cybersecurity https://t.co/EXtm6DWCGI https://t.co/z3bTYd5muo
@CveFindCom
5 Nov 2025
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
**CVE ID:** CVE-2025-20343 **Title:** Denial of Service in Cisco Identity Services Engine via Rejected RADIUS Requests **Severity:** HIGH (CVSS 8.6) **Attack Vector:** NETWORK **Impact:** Potential for remote attacker to cause Cisco ISE to restart unexpectedly, resulting
@CveTodo
5 Nov 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20343 A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow an unauthenticate… https://t.co/v4JqDK7UGu
@CVEnew
5 Nov 2025
290 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D23905E0-E525-49B1-8E5F-4EB42D186768"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74509498-38EF-4345-9583-CEF5C26CA1D8"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F9B6A8E-E773-44A3-9266-878F0C58EB41"
}
],
"operator": "OR"
}
]
}
]