思科身份服务引擎（Cisco Identity Services Engine，简称ISE）及其策略集成组件（ISE-PIC）中发现一个严重漏洞，编号为CVE-2025-20337。该漏洞获得CVSS最高风险评分10分，凸显其严重性和潜在影响。 根据思科安全公告，该漏洞源于特定API中"对用户输入验证不足"的问题。

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges. An advanced threat actor exploited the critical vulnerabilities ...

Networking vendor Cisco disclosed this week a critical vulnerability in one of its security policy products that was designated the highest severity rating possible. CVE-2025-20337 is a vulnerability ...

The tech giant says it is ‘aware of attempted exploitation’ of vulnerabilities with a maximum severity score that impact its Identity Services Engine platform. Cisco Systems disclosed that it is ...

The dramatic increase in BYOD devices, work from home and cloud applications has made obtaining visibility harder than ever. The Cisco ISE can be deployed on both physical Cisco’s SNS Server and ...

Cary, NC, July 18, 2025 (GLOBE NEWSWIRE) -- INE, a leading provider of enterprise IT training, cybersecurity education, and network security training, today responded to Cisco's urgent security ...

Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable systems. Tracked as CVE-2024-20469, the security flaw was found ...

Cisco is warning enterprise admins of two critical flaws within its identity and access management (IAM) solution, Identity Services Engine (ISE), that could allow attackers to obtain unauthorized ...

The latest flaw in Cisco Systems Identity Services Engine (ISE), which could expose sensitive information to an attacker, requires rotation of credentials as well as ...

Cisco patches three vulnerabilities in ISE and CCP tools One of the three has a 9.9/10 severity score Some ISE deployments are not vulnerable Cisco has patched three vulnerabilities in its Identity ...