One Article Review
| Source |  The Hacker News |
|---|---|
| Identifiant | 8647171 |
| Date de publication | 2025-02-06 13:10:00 (vue: 2025-02-06 09:08:03) |
| Titre | Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc |
| Texte | Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices.
The vulnerabilities are listed below -
CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote
Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 (CVSS score: 9.9) - An insecure Java deserialization vulnerability in an API of Cisco ISE that could permit an authenticated, remote |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | 20124 2025 address allow api arbitrary are attackers authenticated below cisco cmdexec commands could critical cve cvss deserialization devices elevate enabling engine execute flaws has identity insecure ise java listed patches permit privesc privileges released remote root score: security services susceptible two updates vulnerabilities vulnerability |
| Tags | Vulnerability |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.