Cisco patches critical security issues, so update now


  • Cisco releases fix for two flaws in Identity Services Engine
  • The flaws allowed for remote code execution, sensitive data exfiltration, and more
  • The first clean version of Identity Services Engine is 3.4

Cisco has released patches for two critical-severity vulnerabilities plaguing its Identity Services Engine (ISE) solution. Since the flaws can be abused to run arbitrary commands and steal sensitive information, Cisco urged its users to apply the fixes as soon as possible.

In a security advisory, the networking giant first said it patched a “deserialization of user-supplied Java byte streams” vulnerability tracked as CVE-2025-20124 and given a severity score of 9.9/10 (critical). By sending a custom serialized Java object to an affected Cisco ISE API, an attacker could execute arbitrary commands and elevate privileges.
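The root cause described above, an API that hands user-supplied bytes straight to `ObjectInputStream`, is a well-known Java anti-pattern. The example below is added here and is not Cisco's code; it is a self-contained demonstration of the vulnerable shape beside the hardened one, using the JDK's built-in deserialization filter (JEP 290, `ObjectInputFilter`, Java 9 and later). The `SessionQuery` DTO, the class names and the filter limits are assumptions made for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.HashMap;

public class SafeDeserializationDemo {

    // Hypothetical request DTO that the API legitimately accepts (assumed for this demo).
    public static final class SessionQuery implements Serializable {
        private static final long serialVersionUID = 1L;
        final String username;
        SessionQuery(String username) { this.username = username; }
    }

    // Vulnerable shape: whatever class is named inside the byte stream is
    // resolved and instantiated, and its readObject()/readResolve() hooks run,
    // before the cast to the expected type ever happens.
    static Object unsafeDeserialize(byte[] payload) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(payload))) {
            return in.readObject();
        }
    }

    // Hardened shape: an allow-list filter rejects every class other than the
    // expected DTO before it is resolved, and bounds stream depth and size.
    // Pattern syntax: allowed class names, limits, then "!*" rejecting everything else.
    static final ObjectInputFilter ALLOW_LIST = ObjectInputFilter.Config.createFilter(
            "SafeDeserializationDemo$SessionQuery;maxdepth=4;maxbytes=4096;!*");

    static SessionQuery safeDeserialize(byte[] payload) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(payload))) {
            in.setObjectInputFilter(ALLOW_LIST);
            return (SessionQuery) in.readObject();
        }
    }

    // Helper used only to build sample byte streams for the demo.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = serialize(new SessionQuery("alice"));
        // Constructed stand-in for "some class the API never meant to accept".
        byte[] unexpected = serialize(new HashMap<String, String>());

        System.out.println("unsafe path accepted: " + unsafeDeserialize(unexpected).getClass().getName());
        System.out.println("safe path accepted DTO for user: " + safeDeserialize(expected).username);
        try {
            safeDeserialize(unexpected);
            System.out.println("safe path accepted unexpected class (should not happen)");
        } catch (InvalidClassException e) {
            // The filter reports REJECTED and the object is never instantiated.
            System.out.println("safe path rejected unexpected class: " + e.getMessage());
        }
    }
}
```

The important property is that the filter runs before class resolution, so a rejected class never has its deserialization hooks executed; the unfiltered path, by contrast, only discovers the wrong type at the cast, after any side effects have already run. In production the same allow-list can be applied process-wide with the `jdk.serialFilter` system property rather than per stream.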

The second flaw is an authentication bypass bug that occurs because an API did not perform authorization checks or properly validate user-supplied data. A threat actor could send a malicious HTTP request to the API on the device to trigger it. This bug is tracked as CVE-2025-20125 and was given a severity score of 9.1/10 (critical).

Authentication required

While these flaws sound dangerous, they’re not that easy to exploit. Cisco said that threat actors would still need to be authenticated, and with a read-only admin account, at that.
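The second flaw and the read-only admin prerequisite together illustrate one defensive rule: being authenticated, and even holding an admin-flavoured role, is not the same as being authorized for a particular operation, and every user-supplied field still has to be validated. The example below is added here and is not Cisco's code; it contrasts a handler that trusts the caller with one that checks authentication, then the endpoint's required privilege, then the input. The role names, the `restartNode` operation, the node-name format and the sample requests are assumptions made for the demo (Java 16 or later for records).

```java
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

public class ApiAuthorizationDemo {

    // Hypothetical roles; READ_ONLY_ADMIN mirrors the read-only admin account
    // the advisory describes as the minimum foothold.
    enum Role { SUPER_ADMIN, READ_ONLY_ADMIN, ANONYMOUS }

    record Request(Role role, boolean authenticated, Map<String, String> params) {}
    record Response(int status, String body) {}

    // Only this set may invoke state-changing operations (assumed policy).
    static final Set<Role> MAY_MODIFY = Set.of(Role.SUPER_ADMIN);

    // Allow-list for the node parameter: hostname-like, bounded length.
    static final Pattern NODE_NAME = Pattern.compile("^[A-Za-z0-9][A-Za-z0-9.-]{0,62}$");

    // Vulnerable shape: reaching the endpoint is treated as permission, and the
    // parameter is passed through without validation.
    static Response restartNodeUnchecked(Request req) {
        return new Response(200, "restart scheduled for " + req.params().get("node"));
    }

    // Hardened shape: authenticate, authorize against the operation's required
    // privilege, then validate every user-supplied field before acting.
    static Response restartNodeChecked(Request req) {
        if (!req.authenticated()) {
            return new Response(401, "authentication required");
        }
        if (!MAY_MODIFY.contains(req.role())) {
            // Authenticated but not authorized: a read-only role stops here.
            return new Response(403, "role " + req.role() + " may not modify nodes");
        }
        String node = req.params().get("node");
        if (node == null || !NODE_NAME.matcher(node).matches()) {
            return new Response(400, "invalid node name");
        }
        return new Response(200, "restart scheduled for " + node);
    }

    public static void main(String[] args) {
        // Constructed sample requests.
        Request readOnly = new Request(Role.READ_ONLY_ADMIN, true, Map.of("node", "ise-psn-01"));
        Request badInput = new Request(Role.SUPER_ADMIN, true, Map.of("node", "ise-psn-01;x"));
        Request admin = new Request(Role.SUPER_ADMIN, true, Map.of("node", "ise-psn-01"));

        System.out.println("unchecked, read-only admin: " + restartNodeUnchecked(readOnly));
        System.out.println("checked, read-only admin:   " + restartNodeChecked(readOnly));
        System.out.println("checked, malformed input:   " + restartNodeChecked(badInput));
        System.out.println("checked, super admin:       " + restartNodeChecked(admin));
    }
}
```

Ordering matters: the authorization decision is made per operation against an explicit allow-list of roles, not inferred from the caller having logged in, and the input check is a positive pattern match rather than a blacklist of characters. A 403 for the read-only role is also a useful log line for detection, since a read-only account repeatedly hitting write endpoints is exactly the pattern this class of bug would produce.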

Indeed, that makes pulling the attack off a lot more difficult, but still not impossible. As The Register noted, cybercriminals can phish for login credentials, or simply buy them off the black market.

“It's worth noting that NCC Group blamed last year's surge in ransomware attacks partly on compromised credentials, so it's not like these are too difficult to obtain. Rogue insiders can also abuse these holes, of course,” the publication said.

In any case, Cisco has already come out with fixes, so patching should be done as soon as possible. Versions 3.0 through 3.3 were said to be vulnerable, so users should ensure they bring their software to version 3.4, at least. The good news is that there is still no evidence of abuse in the wild.

Via The Register


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
