
Security teams should be aware of critical vulnerabilities recently addressed in Cisco Identity Services Engine (ISE). These significant flaws could allow authenticated attackers to gain root access on affected systems.
Specifically, two separate vulnerabilities have been identified. One allows an attacker who holds basic read-only administrative privileges on the command-line interface (CLI) to escalate to root. The other allows an attacker with specific administrative privileges, such as helpdesk or standard admin access, to upload malicious files through the web management interface, which also leads to root access.
Successful exploitation of these vulnerabilities would grant attackers the ability to execute arbitrary commands with the highest level of privilege on the vulnerable ISE appliance. This presents a severe security risk, potentially allowing attackers to compromise the network access control system entirely.
While Cisco has stated there are no known instances of these flaws being exploited in the wild, the critical nature of the issues necessitates urgent action.
Organizations using Cisco Identity Services Engine are strongly advised to apply the released security updates immediately. Applying the patch is the only effective way to mitigate these critical vulnerabilities and protect your network infrastructure from potential compromise. Ensure your ISE deployments are updated to the versions specified in Cisco’s security advisories.
Source: https://go.theregister.com/feed/www.theregister.com/2025/06/26/patch_up_cisco_fixes_two/


