CISA Alerts: Act Now on Critical Cisco Vulnerabilities
▼ Summary
– CISA added three new vulnerabilities to its Known Exploited Vulnerabilities catalog on July 28, including two critical Cisco ISE flaws.
– The Cisco vulnerabilities (CVE-2025-20281 and CVE-2025-20337) stem from insufficient input validation in specific APIs, allowing remote code execution as root.
– Both Cisco flaws affect multiple versions of ISE and ISE-PIC, with CVSS scores of 10, and patches have been released.
– CISA set an August 18 remediation deadline for the Cisco vulnerabilities, with no workaround available beyond patching.
– The third vulnerability (CVE-2023-2533) is a high-severity CSRF flaw in PaperCut NG/MF print management software.
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding three newly identified vulnerabilities, including two critical flaws in Cisco’s network security systems. These security gaps, now listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog, pose significant risks to organizations relying on Cisco Identity Services Engine (ISE) software for access control and authentication.
Tracked as CVE-2025-20281 and CVE-2025-20337, these vulnerabilities stem from inadequate validation of user-supplied inputs in specific API functions. Attackers can exploit them by sending manipulated API requests, potentially gaining root-level access to affected systems without authentication. This could allow malicious actors to execute arbitrary code, compromising entire network infrastructures.
The flaws impact multiple versions of Cisco ISE, including 3.3.0 through 3.4 Patch 1, as well as Cisco ISE Passive Identity Connector (ISE-PIC) versions 3.1.0 to 3.4.0. Both vulnerabilities carry a maximum severity rating (CVSS 10.0), underscoring their potential for widespread damage.
Cisco has already released patches to address these issues, and the company’s Product Security Incident Response Team (PSIRT) has confirmed active exploitation attempts in the wild. CISA has mandated that all federal agencies and private sector organizations apply these updates by August 18, emphasizing the urgency of remediation.
In addition to the Cisco vulnerabilities, CISA flagged CVE-2023-2533, a high-severity cross-site request forgery (CSRF) flaw in PaperCut NG and MF print management software. While less severe than the Cisco bugs, this vulnerability still presents risks for organizations using PaperCut for print and document management.
Proactive patching remains the only viable solution, as no temporary workarounds exist for these critical security gaps. Organizations are urged to prioritize updates to safeguard their networks from potential breaches.
(Source: Info Security)
