topic Cisco’s ISE bugs could allow root-level command execution in Threats https://community.isc2.org/t5/Threats/Cisco-s-ISE-bugs-could-allow-root-level-command-execution/m-p/76949#M1476 <P>Dear All,</P><P>&nbsp;</P><P><SPAN class="">Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">Note: To exploit these vulnerabilities, the attacker must have valid read-only administrative credentials. Any administrator user can be used to exploit these vulnerabilities.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">For more information about these vulnerabilities, see the Details section of this advisory.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">Cisco has released software updates that address these vulnerabilities. <STRONG>There are no workarounds that address these vulnerabilities.</STRONG></SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">This advisory is available at the following link:</SPAN></P><P><SPAN class="">&nbsp;<BR /><A href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF" target="_blank">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF</A><BR /></SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sat, 08 Feb 2025 15:40:02 GMT Kyaw_Myo_Oo 2025-02-08T15:40:02Z Cisco’s ISE bugs could allow root-level command execution https://community.isc2.org/t5/Threats/Cisco-s-ISE-bugs-could-allow-root-level-command-execution/m-p/76949#M1476 <P>Dear All,</P><P>&nbsp;</P><P><SPAN class="">Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">Note: To exploit these vulnerabilities, the attacker must have valid read-only administrative credentials. Any administrator user can be used to exploit these vulnerabilities.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">For more information about these vulnerabilities, see the Details section of this advisory.</SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">Cisco has released software updates that address these vulnerabilities. <STRONG>There are no workarounds that address these vulnerabilities.</STRONG></SPAN></P><P><SPAN class="">&nbsp;</SPAN></P><P><SPAN class="">This advisory is available at the following link:</SPAN></P><P><SPAN class="">&nbsp;<BR /><A href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF" target="_blank">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF</A><BR /></SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sat, 08 Feb 2025 15:40:02 GMT https://community.isc2.org/t5/Threats/Cisco-s-ISE-bugs-could-allow-root-level-command-execution/m-p/76949#M1476 Kyaw_Myo_Oo 2025-02-08T15:40:02Z