CVE-2025-20281

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-20281

10.0 /10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

A

vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.

References
Link Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281 US Government Resource
https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*
History

28 Oct 2025, 13:59

Type Values Removed Values Added
References () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281 - () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281 - US Government Resource

21 Oct 2025, 23:16

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281 -

21 Oct 2025, 20:20

Type Values Removed Values Added
References
  • {'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}

21 Oct 2025, 19:21

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281 -

30 Jul 2025, 19:24

Type Values Removed Values Added
References
  • () https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability - Exploit, Third Party Advisory
CPE cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*

16 Jul 2025, 17:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 10.0

26 Jun 2025, 20:35

Type Values Removed Values Added
First Time Cisco identity Services Engine
Cisco identity Services Engine Passive Identity Connector
Cisco
References () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 - () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 - Vendor Advisory
CPE cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*

26 Jun 2025, 18:57

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad en una API específica de Cisco ISE y Cisco ISE-PIC podría permitir que un atacante remoto no autenticado ejecute código arbitrario en el sistema operativo subyacente como root. El atacante no necesita credenciales válidas para explotar esta vulnerabilidad. Esta vulnerabilidad se debe a una validación insuficiente de la información proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad enviando una solicitud de API manipulada. Una explotación exitosa podría permitirle obtener privilegios de root en un dispositivo afectado.

25 Jun 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-25 16:15

Updated : 2025-10-28 13:59

NVD link : CVE-2025-20281

Mitre link : CVE-2025-20281

CVE.ORG link : CVE-2025-20281

JSON object : View

Products Affected

cisco

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')