Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device. Note: To exploit these vulnerabilities, the attacker must have valid read-only administrative credentials. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF Security Impact Rating: Critical CVE: CVE-2025-20124,CVE-2025-20125
http://news.poseidon-us.com/THpC2n

Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities

Like this:

Related

More Posts

This federal financial story you’ve heard before and that’s not a good thing

SA gov follows feds in blocking DeepSeek

This federal financial story you’ve heard before and that’s not a good thing

ANU hunts new tech lead following CIO promotion

Workday to cut 1750 jobs

Ex-Google engineer faces new US charges he stole AI secrets

Agency political appointees: Don’t break the workforce you need — urge them to stay

Phishing via "com-" prefix domains, (Wed, Feb 5th)

Democratic lawmakers press White House about Elon Musk’s access to classified data

How non-federal governments can up their evidence-based policy-making

Share this:

Like this:

Related

More Posts