Source: The Hacker News
Author: [email protected] (The Hacker News)
URL: https://thehackernews.com/2025/02/cisco-patches-critical-ise.html
“`markdown
## ONE SENTENCE SUMMARY:
Cisco has patched two critical vulnerabilities in Identity Services Engine (ISE) that could allow remote attackers to execute commands and escalate privileges.
## MAIN POINTS:
1. Two critical vulnerabilities (CVE-2025-20124 and CVE-2025-20125) have been identified in Cisco ISE.
2. CVE-2025-20124 allows remote attackers to execute arbitrary commands as root via insecure Java deserialization.
3. CVE-2025-20125 enables attackers to bypass authorization, access sensitive data, and alter node configurations.
4. Both flaws can be exploited using crafted Java objects or HTTP requests targeting specific API endpoints.
5. The vulnerabilities are independent of each other and have no available workarounds.
6. Cisco has fixed the issues in ISE releases 3.1P10, 3.2P7, 3.3P4, and confirmed 3.4 is not vulnerable.
7. Affected users should migrate to secure software versions for protection against potential exploitation.
8. The vulnerabilities were discovered by Deloitte researchers Dan Marin and Sebastian Radulea.
9. No known malicious exploitation of these vulnerabilities has been reported so far.
10. Keeping systems up-to-date is strongly recommended for maintaining security.
## TAKEAWAYS:
1. Update Cisco ISE software to fixed releases (3.1P10, 3.2P7, 3.3P4, or 3.4) immediately.
2. CVE-2025-20124 has a CVSS score of 9.9, indicating a highly critical threat.
3. CVE-2025-20125 poses a risk of unauthorized access and configuration changes with a CVSS score of 9.1.
4. No workarounds exist; direct updates are essential for mitigating these vulnerabilities.
5. Continuous system updates and monitoring are crucial to defend against emerging threats.
“`