Cisco has issued a new security advisory warning of newly discovered vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), revealing serious security flaws that could allow remote, unauthenticated attackers to execute arbitrary code on targeted systems with root privileges. The most severe of these vulnerabilities, tracked as CVE-2025-20337, carries the maximum CVSS score of 10.0.
This vulnerability is strikingly similar to another critical issue, CVE-2025-20281, which Cisco patched just weeks earlier.
https://thecyberexpress.com/cisco-cve-2 ... pic-flaws/