Unrated severityNVD Advisory· Published Jun 4, 2025· Updated Jun 23, 2025

Cisco Identity Services Engine Access Control Bypass Vulnerability

CVE-2025-20130

Description

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.

This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Affected products

Cisco Systems, Inc./Identity Services Enginellm-fuzzy
Cisco Systems, Inc./Cisco ISE Passive Identity Connectorllm-fuzzy
Cisco/Cisco Identity Services Engine Softwarev5
Range: 3.0.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXYmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000