Security News > 2025 > February > Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2025-02-05 CVE-2025-20124 Deserialization of Untrusted Data vulnerability in Cisco Identity Services Engine
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software.
network
low complexity
cisco CWE-502
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2048 21 1789 1684 288 3782