CyberSecurityBoard
Sponsor Register Login

CVE-2025-20282

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.

Publication date: Wed, 25 Jun 2025 00:00:00 +0000


Cyber News related to CVE-2025-20282

Weekly Cybersecurity Recap : Sharepoint 0-day, Vmware Exploitation, Threats and Cyber Attacks - Tracked as CVE-2025-12345, this flaw allows remote code execution (RCE) without authentication, potentially enabling attackers to compromise sensitive data or deploy malware on affected servers. The U.S. Cybersecurity and Infrastructure Security ...
2 months ago Cybersecuritynews.com CVE-2025-12345 APT41
Max severity Cisco ISE bug allows pre-auth command execution, patch now - A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. ...
2 months ago Bleepingcomputer.com CVE-2025-20337
Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild - Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild. The company’s Product Security ...
2 months ago Cybersecuritynews.com CVE-2025-20281
CVE-2025-20282 - A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This ...
3 months ago CVE-2025-20337
CVE-2021-20282 - When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. ...
4 years ago
CVE-2023-21613 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this ...
2 years ago
CVE-2023-21611 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege ...
2 years ago
CVE-2023-21612 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege ...
2 years ago
CVE-2023-21608 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-21609 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-21605 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current ...
2 years ago
CVE-2023-21606 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-21607 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current ...
2 years ago
CVE-2023-21604 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the ...
2 years ago
CVE-2023-21581 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this ...
2 years ago
CVE-2023-21585 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this ...
2 years ago
CVE-2023-21579 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the ...
2 years ago
CVE-2023-22242 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-22241 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-22240 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. ...
2 years ago
CVE-2023-21610 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the ...
2 years ago
CVE-2023-21614 - Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this ...
2 years ago
CVE-2022-20282 - In AppWidget, there is a possible way to start an activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for ...
2 years ago
CVE-2024-20282 - A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access ...
1 year ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)