<ul data-eligibleForWebStory="true"><li>Cisco released patches to address two critical vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow remote attackers to execute code as root.</li><li>The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, enable remote, unauthenticated attackers to run arbitrary code with root privileges.</li><li>No workarounds are available for these vulnerabilities, and Cisco provided fixed releases to address the issues.</li><li>The Product Security Incident Response Team (PSIRT) states there have been no reported attacks in the wild exploiting these flaws.</li></ul>

Cisco fixed critical ISE flaws allowing Root-level remote code execution

Discover more