CVE-2025-20337 - Vulnerability Details

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since July 28, 2025.

Exploitation active

Automatable yes

Technical Impact total

Vendors	Products
Cisco	Identity Services Engine Identity Services Engine Passive Identity Connector

Configuration 1 [-]

OR	cpe:2.3:a:cisco:identity_services_engine:3.3.0:-::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5::::::
	cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6::::::
	cpe:2.3:a:cisco:identity_services_engine:3.4.0:-::::::
	cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-::::::
	cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1::::::

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

History

Tue, 29 Jul 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`	ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 28 Jul 2025 15:00:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2025-07-28T00:00:00+00:00', 'dueDate': '2025-08-18T00:00:00+00:00'}`

Thu, 17 Jul 2025 20:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco identity Services Engine Cisco identity Services Engine Passive Identity Connector
CPEs		cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:::::: cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:::::: cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:::::: cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:::::: cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1::::::
Vendors & Products		Cisco Cisco identity Services Engine Cisco identity Services Engine Passive Identity Connector

Thu, 17 Jul 2025 13:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 16 Jul 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
Title		Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
Weaknesses		CWE-74
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6
Metrics		cvssV3_1 `{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2025-07-16T16:17:04.664Z

Updated: 2025-07-30T01:36:09.152Z

Reserved: 2024-10-10T19:15:13.255Z

Link: CVE-2025-20337

Vulnrichment

Updated: 2025-07-17T13:06:08.056Z

NVD

Status : Analyzed

Published: 2025-07-16T17:15:30.573

Modified: 2025-07-29T01:00:01.253

Link: CVE-2025-20337

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation active

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object