InfoSecBulletin Cybersecurity for mankind
A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of 10, indicating its high severity.
According to Cisco’s advisory, this vulnerability arises from “insufficient validation of user-supplied input” in a specific API. This means that an unauthenticated, remote attacker can execute arbitrary code on the underlying operating system with root privileges—without needing any credentials.
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges
Microsoft June Patches 200 Vulnerabilities including 3 zero days
World’s first wind power underwater data center is now live
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts
CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild
AI-designed First ‘universal vaccine’ tested in humans
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%
Hacker now exploits recently patched SolarWinds Serv-U flaw
Cisco SD-WAN Flaw Exploited and Trend Micro Flaws Allows to Security Bypass
Ransomware Crisis Deepens: 4,089 Victims Hit Across 121 Countries in 2026
This flaw “could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root,” Cisco warns.
The vulnerability affects
Cisco ISE 3.3 (Fixed in Patch 7)
Cisco ISE 3.4 (Fixed in Patch 2)
Cisco ISE 3.2 and earlier versions are unaffected by this vulnerability, providing some relief to organizations with older systems. However, those using newer versions must patch immediately to prevent serious issues.
The vulnerability lets attackers take full control of an affected system. By sending a harmful API request, they can directly insert commands into the operating system and gain root access, ignoring all security measures.
“An attacker could exploit these vulnerabilities by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device,” the advisory explains.
This exploit could be used to penetrate internal networks, install malware, steal credentials, or disable access controls.
Cisco’s Product Security Incident Response Team (PSIRT) has released patches for supported versions. There are no current signs of exploitation, but system administrators should address this serious vulnerability right away.
