
Cisco Alerts Users to Critical ISE Vulnerability Exposing Sensitive Data



Cisco has issued a critical security advisory (Advisory ID: cisco-sa-ise-aws-static-cred-FPMjUcm7) for its Identity Services Engine (ISE) when deployed on major cloud platforms—Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI).

The vulnerability, tracked as CVE-2025-20286 and classified under CWE-259 (Use of Hard-coded Password), carries a CVSS v3.1 base score of 9.9, indicating a severe risk.

The flaw arises from the improper generation of credentials during ISE deployment on these cloud platforms.

As a result, all ISE instances of the same software release and platform share identical static credentials.

This means that an attacker who extracts credentials from one ISE cloud deployment could potentially access other ISE instances deployed in similar environments, leading to unauthorized access, data exposure, configuration changes, and service disruptions.

Key Technical Details:

  • Vulnerability ID: CVE-2025-20286
  • CVSS Score: 9.9 (Critical)
  • Attack Vector: Network (AV:N)
  • Attack Complexity ...

Copyright of this story solely belongs to gbhackers.