CVE-2025-20337 – Cisco ISE/Cisco ISE-PIC Remote Code Execution Vulnerability

CVE ID : CVE-2025-20337

Published : July 16, 2025, 5:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-40624 – AVer PTC cameras Files or Directories Accessible to External Parties

CVE-2026-50034 – Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Cleartext Transmission of Sensitive Information

CVE-2026-52866 – Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT Missing Authorization

CVE-2026-12049 – pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated ‘next’ parameter