Critical Cisco ISE Bug Can Let Attackers Run Commands as Root
Summary: Cisco has issued patches for two critical vulnerabilities in its Identity Services Engine (ISE), affecting its security policy management platform. These flaws could allow authenticated remote attackers to execute arbitrary commands and bypass authorization on unpatched devices. Administrators are urged to upgrade their Cisco ISE appliances to fixed releases promptly to mitigate risks associated with these vulnerabilities.

Affected: Cisco ISE and Cisco ISE Passive Identity Connector (ISE-PIC) appliances

Key points:

  • Vulnerabilities identified as CVE-2025-20124 and CVE-2025-20125 are tagged with a severity rating of 9.9/10.
  • Exploits could allow unauthorized command execution and modification of system configurations through crafted requests.
  • Admins should migrate to fixed releases as listed to ensure security and prevent potential attacks.

Source: https://www.bleepingcomputer.com/news/security/critical-cisco-ise-bug-can-let-attackers-run-commands-as-root/