Cisco Identity Services Engine contains an injection vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input allowing an attacker to exploit this vulnerability by submitting a crafted API request. Successful exploitation could allow an attacker to perform remote code execution and obtaining root privileges on an affected device.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-20337 | Cisco Identity Services Engine Injection Vulnerability | exploitation_technique | T1106 | Native API |
Comments
This vulnerability, present in the API in Cisco ISE and Cisco ISE-PIC, allows for an attacker to use maliciously crafted API requests to a vulnerable device. If exploited, the attacker can gain the ability to execute arbitrary code at the root level.
References
|
| CVE-2025-20337 | Cisco Identity Services Engine Injection Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter |
Comments
This vulnerability, present in the API in Cisco ISE and Cisco ISE-PIC, allows for an attacker to use maliciously crafted API requests to a vulnerable device. If exploited, the attacker can gain the ability to execute arbitrary code at the root level.
References
|