Infosecurity-magazine.com

CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine

The US Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on July 28. These include two highly critical ...
CSOonline

Cisco warns of another critical RCE flaw in ISE, urges immediate patching

The newly disclosed flaw affects a specific API that suffers from insufficient input validation to allow unauthenticated RCE at the root. Cisco has dropped another maximum severity advisory detailing ...
theregister

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems. Tracked as CVE-2025-20281 and CVE-2025-20282, ...
Bleeping Computer

Cisco warns of max severity RCE flaws in Identity Services Engine

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector ...
The Hacker News

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could permit an unauthenticated attacker ...
SecurityWeek

Cisco Patches Critical ISE Vulnerability With Public PoC

Cisco this week announced fixes for a dozen vulnerabilities in its products, including a critical-severity flaw impacting the cloud deployments of Identity Services Engine (ISE) for which ...
knxtoday

Show Report: KNX with ETS6.3.0 at ISE Barcelona 2025

Michael Critchfield talks about demonstrating the new ETS6.3.0 at ISE 2025, and shares the typical questions and topics of interest that came up at the show. ISE Barcelona in early February was a ...
CSOonline

Cisco’s ISE bugs could allow root-level command execution

Cisco is warning enterprise admins of two critical flaws within its identity and access management (IAM) solution, Identity Services Engine (ISE), that could allow attackers to obtain unauthorized ...
Bleeping Computer

Critical Cisco ISE bug can let attackers run commands as root

Cisco has released patches to fix two critical vulnerabilities in its Identity Services Engine (ISE) security policy management platform. Enterprise administrators use Cisco ISE as an identity and ...
The Hacker News

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible ...
theregister

Cisco patches two critical Identity Services Engine flaws

Cisco has fixed two critical vulnerabilities in its Identity Services Engine (ISE) that could allow an authenticated remote attacker to execute arbitrary commands as root or access sensitive ...