{"uuid": "3c710407-a5e6-459d-80d8-6bb4e9a319d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20281", "type": "seen", "source": "https://t.me/TheDarkWebInformer/18513", "content": "\ud83d\udea8Critical Cisco ISE Vulnerabilities, CVE-2025-20281 & CVE-2025-20282\n\nTwo unauthenticated RCE flaws have been disclosed in Cisco ISE and ISE-PIC, allowing remote attackers to execute commands as root without credentials.\n\n CVE-2025-20281\n\u2022 Affects: ISE 3.3 & 3.4\n\u2022 Flaw: Improper input validation in external API\n\u2022 CVSS: 9.8\n\nCVE-2025-20282\n\u2022 Affects: ISE 3.4\n\u2022 Flaw: Internal API permits privileged file uploads\n\u2022 CVSS: 10.0 (Critical)\n\nFull advisory:\nhttps://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70475.html\n\nCVE-2025-20281:\nhttps://www.cvedetails.com/cve/CVE-2025-20281/\n\nCVE-2025-20282:\nhttps://www.cvedetails.com/cve/CVE-2025-20282/", "creation_timestamp": "2025-06-26T15:28:30.000000Z"}