InfoSecBulletin Cybersecurity for mankind
A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of 10, indicating its high severity.
According to Cisco’s advisory, this vulnerability arises from “insufficient validation of user-supplied input” in a specific API. This means that an unauthenticated, remote attacker can execute arbitrary code on the underlying operating system with root privileges—without needing any credentials.
WhatsApp to allow usernames instead of phone numbers
Linux Unveils New Open Source Security Project “Akrites” For (OSS) Ecosystem
Data breach affects 14.2 million email logins across six ISPs
Asian Two AI startups launch Mythos-like Model
Polymarket Hack Reportedly Results in $3 Million Theft
Anthropic Confirms US Infrastructure Redeployment of Claude Mythos 5
Hackers Target Cloudflare-Hosted AWS Domains to Steal Console Logins
Daily Cyber security update for 26. 06. 2026
WhatsApp to Alert Users Before Chatting With New Numbers
OpenAI unveils its first custom chip, Named Jalapeño
This flaw “could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root,” Cisco warns.
The vulnerability affects
Cisco ISE 3.3 (Fixed in Patch 7)
Cisco ISE 3.4 (Fixed in Patch 2)
Cisco ISE 3.2 and earlier versions are unaffected by this vulnerability, providing some relief to organizations with older systems. However, those using newer versions must patch immediately to prevent serious issues.
The vulnerability lets attackers take full control of an affected system. By sending a harmful API request, they can directly insert commands into the operating system and gain root access, ignoring all security measures.
“An attacker could exploit these vulnerabilities by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device,” the advisory explains.
This exploit could be used to penetrate internal networks, install malware, steal credentials, or disable access controls.
Cisco’s Product Security Incident Response Team (PSIRT) has released patches for supported versions. There are no current signs of exploitation, but system administrators should address this serious vulnerability right away.
