Cisco Patches Critical ISE and Intelligence Center Flaws in Major Security Update

Cisco has released 10 new security advisories, addressing more than a dozen vulnerabilities across multiple product lines. Among the most critical issues are two high-severity flaws in Cisco Identity Services Engine (ISE) and Unified Intelligence Center, both of which could be exploited to disrupt services or escalate privileges.

The first flaw, CVE-2025-20152, affects the RADIUS message processing in ISE and can be exploited remotely without authentication to trigger a denial-of-service (DoS) by forcing the system to reload. Cisco attributes the issue to the improper handling of certain RADIUS requests, where an attacker could send specially crafted authentication requests through a network access device (NAD) using ISE for AAA (authentication, authorization, and accounting).

The second major issue, CVE-2025-20113, impacts Cisco's Unified Intelligence Center and allows an authenticated attacker to escalate privileges—though only for specific administrative functions. This vulnerability stems from insufficient server-side validation of API or HTTP request parameters.

Another related flaw, CVE-2025-20114, rated as medium severity, also enables horizontal privilege escalation through insecure direct object reference (IDOR) attacks in crafted API requests.

Additional medium-severity vulnerabilities were found in products such as Cisco Webex, Secure Network Analytics, Duo, and Unified Communications and Contact Center Solutions. These flaws, if exploited, could lead to cross-site scripting (XSS), command injection, cached HTTP manipulation, data tampering, and fraudulent analytics reports.

Cisco has emphasized that no active exploitation of these vulnerabilities has been observed in the wild. Users are encouraged to visit Cisco’s Security Advisories page for detailed patch guidance and mitigation steps.