1.0 Introduction
Recently, Cisco has released security advisories addressing multiple critical remote code execution (RCE) vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in the wild. Immediate patching is highly recommended to mitigate potential compromise.
2.0 Impact
These vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code as the root user on the affected Cisco ISE system. This could lead to full system compromise, data breaches, service disruption, and lateral movement within an organization’s internal network.
3.0 Affected Products
- CVE-2025-20281 (Critical) : Cisco ISE or ISE-PIC version 3.3 and 3.4
- CVE-2025-20337 (Critical) : Cisco ISE or ISE-PIC version 3.3 and 3.4
- CVE-2025-20282 (Critical) : Cisco ISE or ISE-PIC version 3.4 only
4.0 Recommendation
Cybersecurity Malaysia urges users and organizations to review the Cisco Security Updates, follow the Mitigation steps and apply the necessary updates.
