Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

CISA Warns of Cisco Identity Services Engine Vulnerability Exploited in Attacks

Organizations using Cisco ISE and ISE-PIC products have until August 18, 2025, to implement necessary mitigations as mandated by CISA’s Known Exploited Vulnerabilities catalog. These vulnerabilities stem from insufficient validation of user-supplied input, a fundamental security flaw classified under Common Weakness Enumeration CWE-74, which addresses improper neutralization of special elements in output used by downstream components. This level of access allows threat actors to manipulate network policies, extract sensitive authentication data, and establish persistent backdoors within compromised systems. The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, allow attackers to achieve remote code execution with root privileges on affected systems. These vulnerabilities are very serious because they allow someone without a password to access critical network infrastructure components from a distance. Attackers can leverage these flaws to bypass network segmentation controls, access restricted network segments, and potentially deploy ransomware or establish command-and-control channels within compromised environments. CISA’s inclusion of these vulnerabilities in the KEV catalog triggers mandatory compliance requirements under Binding Operational Directive (BOD) 22-01 for federal agencies and cloud service providers. CISA has issued an urgent warning regarding two critical injection vulnerabilities in Cisco’s Identity Services Engine (ISE) that threat actors are actively exploiting. Organizations must apply vendor-supplied mitigations, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of vulnerable products if patches are unavailable. The affected systems are commonly deployed in enterprise environments to manage user authentication, authorization, and accounting (AAA) services across network resources. CISA added two Cisco ISE vulnerabilities (CVE-2025-20281, CVE-2025-20337) to its Known Exploited Vulnerabilities catalog. Attackers can gain root access and execute remote code on Cisco ISE systems.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 29 Jul 2025 06:05:15 +0000

Cyber News related to CISA Warns of Cisco Identity Services Engine Vulnerability Exploited in Attacks

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com

25 Best Managed Security Service Providers (MSSP) - 2025 - Pros & Cons: ProsConsStrong threat intelligence & expert SOCs.High pricing for SMBs.24/7 monitoring & rapid incident response.Complex UI and steep learning curve.Flexible, scalable, hybrid deployments.Limited visibility into endpoint ...
2 months ago Cybersecuritynews.com

Taking the complexity out of identity solutions for hybrid environments: Identity Fabric and orchestration - For the past two decades, businesses have been making significant investments to consolidate their identity and access management platforms and directories to manage user identities in one place. Instead, businesses must learn how to consistently and ...
1 year ago Securityintelligence.com

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com

Identity as a Service - Let us introduce Identity as a Service, a revolutionary identity management strategy that aims to improve security, simplify user interfaces, and enable frictionless access to online resources. Organizations can use IDaaS platforms to access identity ...
1 year ago Feeds.dzone.com

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions - In particular, there is an immediate and profound impact on the identity and access management postures of both companies. While most combined organizations aspire to eventually consolidate their identity systems, this is a challenging and ...
1 year ago Microsoft.com

New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke

25 Best Cloud Service Providers (Public and Private) in 2025 - Oracle Cloud offers a variety of services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), to help organizations build, deploy, and run applications in the cloud. Oracle Cloud is a cloud ...
3 months ago Cybersecuritynews.com

The Role of Identity Data Management in Achieving CISA'S Strategic Goals - At the heart of this growing risk is identity, with over 60% of all breaches today involving identity exploitation. As organizations continue to expand their digital footprints, driven by a move towards cloud resources and remote systems, their ...
1 year ago Cyberdefensemagazine.com

High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2024-23897 CVE-2024-0204 CVE-2023-20198 CVE-2023-38831 Rocke

The Latest Identity Theft Methods: Essential Protection Strategies Revealed - Identity theft has evolved far beyond the days of stolen mail and dumpster diving. Today's identity thieves employ sophisticated techniques, including account takeovers and government benefit fraud, making it essential for you to stay vigilant to ...
1 year ago Hackread.com

What is Azure Identity Protection and 7 Steps to a Seamless Setup - As a result, tools such as Microsoft's Azure Identity Protection have become a staple in protecting against compromised identities, account takeover, and misuse of privileges. Azure Identity Protection is a security service that provides a robust ...
1 year ago Securityboulevard.com

CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
11 months ago Therecord.media

Russia's Midnight Blizzard stole email of more Microsoft customers - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 Akira

Unseen Threats: Identity Blind Spots and Misconfigurations in Cybersecurity - It's rather obvious to most in the IT sector that cybercriminals consistently and successfully exploit stolen or weak online identities to gain unauthorized access to businesses of all types. It's these identities in an enterprise that are clearly ...
1 year ago Cybersecurity-insiders.com

SailPoint unveils two sets of new offerings to help companies grow their identity security program - SailPoint unveiled two sets of new offerings designed to give customers options as they build their identity program, while driving customer success throughout their identity journey. First, the company is extending the family of SailPoint Identity ...
1 year ago Helpnetsecurity.com

31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com

What is identity management? Definition from SearchSecurity - Identity management is the organizational process for ensuring individuals have the appropriate access to technology resources. Identity management is an essential component of security. Identity management includes authenticating users and ...
1 year ago Techtarget.com

The 11 Best Identity and Access Management Tools - Demand for Identity and Access Management tools is booming. Today, there are dozens of Identity and Access Management tools on the market. Identity and Access Management solutions share many things in common with other cybersecurity technologies. ...
1 year ago Heimdalsecurity.com

Healthcare firm WebTPA data breach impacted 2.5M individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 BianLian

Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania - CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits JetBrains ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 LockBit BianLian

Impact of Remote Work and Cloud Migrations on Security Perimeters - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 APT29 BianLian

newsletter Round 474 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Critical Fortinet's ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-49103 CVE-2023-22515 APT28 APT29 BianLian

Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day - More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. There is no patch or a workaround available and the only ...
1 year ago Bleepingcomputer.com CVE-2023-20198