1.0 Introduction
Recently, Cisco has released security advisories addressing multiple critical remote code execution (RCE) vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in the wild. Immediate patching is highly recommended to mitigate potential compromise.
2.0 Impact
These vulnerabilities could allow an unauthenticated remote attacker to execute arbitrary code as the root user on the affected Cisco ISE system. This could lead to full system compromise, data breaches, service disruption, and lateral movement within an organization's internal network.
3.0 Affected Products
- CVE-2025-20281 (Critical) : Cisco ISE or ISE-PIC version 3.3 and 3.4
- CVE-2025-20337 (Critical) : Cisco ISE or ISE-PIC version 3.3 and 3.4
- CVE-2025-20282 (Critical) : Cisco ISE or ISE-PIC version 3.4 only
4.0 Recommendation
CyberSecurity Malaysia urges users and organisations to review the Cisco Security Updates, follow the Mitigation steps and apply the necessary updates.
Kindly refer to the URL for more information:
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact Cyber999 through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17.30 MYT
Web: https://www.cybersecurity.my
5.0 References