CVE-2025-20125

CRITICAL

Cisco ISE - Info Disclosure

Title source: llm

Description

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to attacker to obtain information, modify system configuration, and reload the device. Note: To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time.

Exploits (2)

exploitdb WORKING POC
by İbrahimsql · pythonremotemultiple
https://www.exploit-db.com/exploits/52397
github WORKING POC 3 stars
by Yuri08loveElaina · pythonpoc
https://github.com/Yuri08loveElaina/CVE-2025-20124_and_CVE-2025-20125

References (1)

Scores

CVSS v3 9.1
EPSS 0.0212
EPSS Percentile 84.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

Details

CWE
CWE-862 CWE-285
Status published
Products (4)
cisco/identity_services_engine 3.1.0 (10 CPE variants)
cisco/identity_services_engine 3.2.0 (7 CPE variants)
cisco/identity_services_engine 3.3.0 (4 CPE variants)
cisco/identity_services_engine < 3.1
Published Feb 05, 2025
Tracked Since Feb 18, 2026