#VU110217 Use of Hard-coded Password in Cisco Identity Services Engine (ISE) - CVE-2025-20286

Cybersecurity Help s.r.o.

Published: 2025-06-05

Vulnerability identifier: #VU110217

Vulnerability risk: High

CVSSv4.0: 4.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:H/E:U/U:Amber]

CVE-ID: CVE-2025-20286

CWE-ID: CWE-259

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Identity Services Engine (ISE)
Server applications / Other server solutions

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to improper generation of credentials during the deployment of Cisco ISE on cloud platforms. A remote attacker can access sensitive data, execute limited administrative operations, modify system configurations or disrupt services within the impacted systems.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

Cisco Identity Services Engine (ISE): 003.001(000.518) - 003.004(000.608)

External links
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Use of Hard-coded Password in Cisco Identity Services Engine on Cloud Platforms