1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Cisco warns over worrying security flaws in ISE affecting AWS, Az

    From TechnologyDaily@1337:1/100 to All on Thu Jun 5 16:15:08 2025
    Cisco warns over worrying security flaws in ISE affecting AWS, Azure cloud deployments - here's what you need to know

    Date:
    Thu, 05 Jun 2025 15:03:00 +0000

    Description:
    Credentials are being shared across instances, leaving organizations vulnerable to cyberattacks.

    FULL STORY ======================================================================Cisco patches three vulnerabilities in ISE and CCP tools One of the three has a 9.9/10 severity score Some ISE deployments are not vulnerable

    Cisco has patched three vulnerabilities in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) tools, including a
    critical-severity issue which has a public proof-of-concept (PoC) exploit.

    Recently, three vulnerabilities were discovered, now tracked as CVE-2025-20286, CVE-2025-20130, and CVE-2025-20129. The former is described
    as a static credential reuse vulnerability, found in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of ISE.

    It has a severity score of 9.9/10 (critical), and stems from improper generation of login credentials, when ISE is deployed on cloud platforms. As
    a result, different Cisco ISE deployments can share the same credentials, as long as the software release and cloud platform are the same. Proof of
    Concept available

    As a result, threat actors could access ISE instances deployed in other cloud environments through unsecured ports, gaining access to sensitive data, being able to execute limited admin operations, modify system configurations, and even disrupt different services.

    The silver lining here is that the flaw is exploitable only if the Primary Administration node is deployed in the cloud. If its on-prem, then the instance is not vulnerable.

    "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory, Cisco said.

    ISE is a security policy management platform that provides secure network access control and visibility for devices and users, and CCP is a collaboration platform, allowing businesses to engage with their customers.

    Here is a list of ISE deployments not vulnerable to attacks, according to Ciscos advisory:

    - All on-premises deployments with any form factors where artifacts are installed from Cisco Software Download Center (ISO or OVA). This includes appliances and virtual machines with different form factors.

    - ISE on Azure VMware Solution (AVS)

    - ISE on Google Cloud VMware Engine

    - ISE on VMware cloud in AWS

    - ISE hybrid deployments with all ISE Administrator personas (Primary and Secondary Administration) on-premises with other personas in the cloud.

    Via BleepingComputer You might also like Cisco has patched a worrying flaw which could have let attackers hijack devices Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisco-warns-over-worrying-security-flaw s-in-ise-affecting-aws-azure-cloud-deployments


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)