CVE-2025-20124

🗓️ 05 Feb 2025 16:12:07Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 245 Views🌐 WEB

Vulnerability in Cisco ISE API allows remote command execution as root due to insecure deserialization.

Reporter	Title	Published	Views	Family All 19
GithubExploit	Exploit for Deserialization of Untrusted Data in Cisco Identity_Services_Engine	16 Jun 202507:44	–	githubexploit
GithubExploit	Exploit for CVE-2026-20180	21 Apr 202615:21	–	githubexploit
GithubExploit	Exploit for Deserialization of Untrusted Data in Cisco Identity_Services_Engine	12 Aug 202522:34	–	githubexploit
ATTACKERKB	CVE-2025-20124	5 Feb 202517:15	–	attackerkb
Circl	CVE-2025-20124	5 Feb 202516:21	–	circl
Cisco	Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities	5 Feb 202516:00	–	cisco
Tenable Nessus	Cisco Identity Services Engine Insecure Java Deserialization and Authorization Bypass Vulnerabilities (cisco-sa-ise-multivuls-FTW9AOXF)	11 Feb 202500:00	–	nessus
CNNVD	Cisco ISE 代码问题漏洞	5 Feb 202500:00	–	cnnvd
CNVD	Cisco Identity Services Engine Code Issue Vulnerability (CNVD-2025-03531)	10 Feb 202500:00	–	cnvd
Cvelist	CVE-2025-20124 Cisco Identity Services Engine Java Deserialization Vulnerability	5 Feb 202516:12	–	cvelist

NVD

Vulners

Node

cisco identity_services_engineRange<3.1

cisco identity_services_engineMatch3.1.0-

cisco identity_services_engineMatch3.1.0patch1

cisco identity_services_engineMatch3.1.0patch2

cisco identity_services_engineMatch3.1.0patch3

cisco identity_services_engineMatch3.1.0patch4

cisco identity_services_engineMatch3.1.0patch5

cisco identity_services_engineMatch3.1.0patch6

cisco identity_services_engineMatch3.1.0patch7

cisco identity_services_engineMatch3.1.0patch8

cisco identity_services_engineMatch3.1.0patch9

cisco identity_services_engineMatch3.2.0-

cisco identity_services_engineMatch3.2.0patch1

cisco identity_services_engineMatch3.2.0patch2

cisco identity_services_engineMatch3.2.0patch3

cisco identity_services_engineMatch3.2.0patch4

cisco identity_services_engineMatch3.2.0patch5

cisco identity_services_engineMatch3.2.0patch6

cisco identity_services_engineMatch3.3.0-

cisco identity_services_engineMatch3.3.0patch1

cisco identity_services_engineMatch3.3.0patch2

cisco identity_services_engineMatch3.3.0patch3

[
  {
    "vendor": "Cisco",
    "product": "Cisco Identity Services Engine Software",
    "versions": [
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "3.0.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p2",
        "status": "affected"
      },
      {
        "version": "3.0.0 p3",
        "status": "affected"
      },
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.0.0 p4",
        "status": "affected"
      },
      {
        "version": "3.1.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p5",
        "status": "affected"
      },
      {
        "version": "3.1.0 p3",
        "status": "affected"
      },
      {
        "version": "3.1.0 p2",
        "status": "affected"
      },
      {
        "version": "3.0.0 p6",
        "status": "affected"
      },
      {
        "version": "3.2.0",
        "status": "affected"
      },
      {
        "version": "3.1.0 p4",
        "status": "affected"
      },
      {
        "version": "2.7.0 p8",
        "status": "affected"
      },
      {
        "version": "3.1.0 p5",
        "status": "affected"
      },
      {
        "version": "3.2.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p7",
        "status": "affected"
      },
      {
        "version": "3.1.0 p6",
        "status": "affected"
      },
      {
        "version": "3.2.0 p2",
        "status": "affected"
      },
      {
        "version": "3.1.0 p7",
        "status": "affected"
      },
      {
        "version": "3.3.0",
        "status": "affected"
      },
      {
        "version": "3.2.0 p3",
        "status": "affected"
      },
      {
        "version": "3.0.0 p8",
        "status": "affected"
      },
      {
        "version": "3.2.0 p4",
        "status": "affected"
      },
      {
        "version": "3.1.0 p8",
        "status": "affected"
      },
      {
        "version": "3.2.0 p5",
        "status": "affected"
      },
      {
        "version": "3.2.0 p6",
        "status": "affected"
      },
      {
        "version": "3.1.0 p9",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 2",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 1",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 3",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Cisco",
    "product": "Cisco ISE Passive Identity Connector",
    "versions": [
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "3.2.0",
        "status": "affected"
      },
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.3.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF

Parameter	Position	Path	Description	CWE
object	request body	/api/v1/admin/deserializer	Java deserialization RCE payload endpoint for Cisco ISE API	CWE-502

28 Mar 2025 13:22Current

9.7High risk

Vulners AI Score9.7

CVSS 3.17.2 - 9.9

EPSS0.09507

SSVC

CWE-502