- Cisco patched a maximum-severity flaw affecting Identity Services Engine and ISE Passive Identity Connector
- The flaw enabled threat actors to run arbitrary code on the underlying OS
- It was patched in versions 3.3 and 3.4
A maximum-severity vulnerability was recently discovered and patched in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The flaw allowed threat actors to execute arbitrary code with elevated privileges on the operating system of devices running the tools.
ISE is a network security policy management and access control platform that helps organizations centrally control who and what can connect to their network. ISE-PIC, on the other hand, is a lightweight service that collects identity information about users and devices without requiring them to authenticate through traditional methods.
Both tools are typically used by enterprise IT and cybersecurity teams that manage large or complex networking environments.
The importance of patching
Recently, security researcher Kentaro Kawane from GMO Cybersecurity discovered an insufficient validation of user-supplied input vulnerability that could be exploited by submitting a crafted API request. Valid credentials are not required to exploit the flaw.
It is tracked as CVE-2025-20337 and was assigned a severity score of 10/10 (critical). It affects releases 3.3 and 3.4 of the tools, regardless of device configuration. However, releases 3.2 or older are not affected.
Cisco addressed the flaw in these versions:
- Cisco ISE or ISE-PIC release 3.3 (fixed in 3.3 Patch 7)
- Cisco ISE or ISE-PIC release 3.4 (fixed in 3.4 Patch 2)
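The release and patch levels above can be turned into an inventory triage check. The following is an added example, not code from Cisco or from this article; the CSV export format and host names are constructed, and it assumes that patch levels later than the fixed one also contain the fix.

```python
import csv
import io

# Fixed patch level per affected release, as stated in the article.
FIXED_PATCH = {(3, 3): 7, (3, 4): 2}

# Constructed sample inventory (hypothetical hosts and export format).
SAMPLE_INVENTORY = """\
host,product,release,patch
ise-pan-01,ISE,3.3,6
ise-psn-02,ISE,3.3,7
pic-01,ISE-PIC,3.4,0
ise-lab-03,ISE,3.2,4
ise-new-04,ISE,3.5,0
ise-bad-05,ISE,3.4,
"""


def classify(release: str, patch: str) -> str:
    """Return 'vulnerable', 'fixed', 'not_affected' or 'review'."""
    try:
        major, minor = (int(p) for p in release.strip().split(".")[:2])
    except ValueError:
        return "review"  # unparseable release: needs a human
    if (major, minor) <= (3, 2):
        return "not_affected"  # article: 3.2 or older are not affected
    fixed = FIXED_PATCH.get((major, minor))
    if fixed is None:
        return "review"  # release the article does not cover
    try:
        level = int(patch.strip())
    except ValueError:
        return "review"  # missing patch level: do not assume it is patched
    # Assumption: a patch level above the fixed one also carries the fix.
    return "fixed" if level >= fixed else "vulnerable"


def triage(inventory_csv: str) -> dict:
    """Map each host in the inventory to its classification."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: classify(r["release"], r["patch"] or "") for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts marked `review` are ones the stated version ranges cannot decide, such as a release the article does not mention or a record with no patch level.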
The good news is that there is no evidence that the vulnerability has been exploited in the wild by malicious actors. However, cybercriminals are known for targeting organizations only after a flaw has been published, as many organizations do not rush to apply patches. By keeping hardware and software outdated, organizations keep their back doors open and criminals get an easy way into the premises.
Therefore, it would be good practice to apply patches as soon as possible and prevent possible attacks.
Via The Hacker News



