CVE-2025-20130NVD

Vulnerability Summary

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.

This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Severity Level

MEDIUM(4.9)

Published Date

Jun 4, 2025

Last Modified

Jul 22, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-284: Unknown/Unlisted Weakness ↗

Refer to the official MITRE database for detailed architectural specifications regarding this weakness.

CVSS v3.1 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredHigh

User InteractionNone

ScopeUnchanged

ConfidentialityNone

IntegrityHigh

AvailabilityNone

External References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-20130NVD

Vulnerability Summary

External References