{"vulnerability": "CVE-2025-20282", "sightings": [{"uuid": "225cc4ee-70be-428f-9585-65f2d43bbae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114773893007684210", "content": "", "creation_timestamp": "2025-06-30T19:10:24.784353Z"}, {"uuid": "0374179a-0337-4608-909c-9ad26ed7e1f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lstb4emlsk2m", "content": "", "creation_timestamp": "2025-06-30T13:11:43.941817Z"}, {"uuid": "d3baf4c7-808b-4ac8-96d8-4382fe240d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lskaae5hcc2v", "content": "", "creation_timestamp": "2025-06-26T23:02:04.212378Z"}, {"uuid": "928fbb53-86a3-458f-81c0-948c75070434", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lsl62klzts2u", "content": "", "creation_timestamp": "2025-06-27T07:55:40.669933Z"}, {"uuid": "83d98b36-d678-44a2-a67b-8ec94b39cb63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lssao3gmyc2f", "content": "", "creation_timestamp": "2025-06-30T03:31:04.525555Z"}, {"uuid": "eee98eac-7c3e-4608-944e-e9943df7ec73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3lsunmiwwjp2j", "content": "", "creation_timestamp": "2025-07-01T02:28:06.154863Z"}, {"uuid": "2ebb8746-8766-4685-873b-20a8e729f992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lsunmjkk6323", "content": "", "creation_timestamp": "2025-07-01T02:28:07.282602Z"}, {"uuid": "da8c8db3-d989-4999-94e7-53bd397f9a9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lsismjyrp22c", "content": "", "creation_timestamp": "2025-06-26T09:25:43.681188Z"}, {"uuid": "76a3bdb2-a200-4f3c-80cb-7a37eeb1d784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lsismmr2vc2c", "content": "", "creation_timestamp": "2025-06-26T09:25:44.360930Z"}, {"uuid": "abae3f27-3ca1-4315-8559-47f2366c816a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-12d19119-adc51df4a6f8280e", "content": "", "creation_timestamp": "2025-07-01T10:51:28.296987Z"}, {"uuid": "1de6d2dc-1ccd-4104-bbf5-68f19ba9c733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lsismmr4ts2c", "content": "", "creation_timestamp": "2025-06-26T09:25:44.983667Z"}, {"uuid": "b7b6e5df-8520-4cd4-abf8-07d59f5c5a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lshhk7i3pt25", "content": "", "creation_timestamp": "2025-06-25T20:34:49.996853Z"}, {"uuid": "22dea13f-e5ff-4dbd-972f-80b9f3f29820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3lslrhorkhr2t", "content": "", "creation_timestamp": "2025-06-27T13:43:02.729539Z"}, {"uuid": "818ee602-7aeb-4da5-ab7d-2328f8f905c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lsrhyisml22g", "content": "", "creation_timestamp": "2025-06-29T20:09:28.460903Z"}, {"uuid": "419ecada-5c48-4bf7-a90e-469d38d66373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114748446600242978", "content": "", "creation_timestamp": "2025-06-26T07:19:02.345630Z"}, {"uuid": "46c84687-d62e-4a61-ad91-844fbfa427cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lsjf5zlem22v", "content": "", "creation_timestamp": "2025-06-26T14:57:36.817108Z"}, {"uuid": "4a087715-2829-4ebb-ae08-430715767797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20282", "type": "seen", "source": "https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3lsmrzmcfn6v2", "content": "", "creation_timestamp": "2025-06-27T23:26:02.464693Z"}, {"uuid": "53da3056-9a57-4b65-b090-b60dfc2e403e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0204", "content": "", "creation_timestamp": "2025-06-26T07:02:07.000000Z"}, {"uuid": "81f788da-68c0-4a14-af5b-93f7975fe9d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114750372336406746", "content": "", "creation_timestamp": "2025-06-26T15:28:47.306111Z"}, {"uuid": "dd3fb4ef-af05-4074-998c-739df99440db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/114749717718448984", "content": "", "creation_timestamp": "2025-06-26T12:42:18.211121Z"}, {"uuid": "8a8d5102-1bb0-453a-8cb1-6b73dcde645c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lsjhdnchct22", "content": "", "creation_timestamp": "2025-06-26T15:36:30.016705Z"}, {"uuid": "1f5f392a-0508-4039-b3ad-8a8550ab5f10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/jbhall56.bsky.social/post/3lsj5mftc5k2m", "content": "", "creation_timestamp": "2025-06-26T12:42:27.597141Z"}, {"uuid": "4575718c-f84a-46a6-8338-21a94e922f20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/mttaggart/statuses/114869831048423158", "content": "", "creation_timestamp": "2025-07-17T17:48:43.050872Z"}, {"uuid": "081f602c-c620-44aa-b06d-a15e2a21322d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/digitaltrustcenter.bsky.social/post/3lsjlgiszok2t", "content": "", "creation_timestamp": "2025-06-26T16:49:42.866716Z"}, {"uuid": "f8ff087e-db65-42b8-8a0c-4753ce54447b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/digitaltrustcenter.bsky.social/post/3lsjli3pkxk2t", "content": "", "creation_timestamp": "2025-06-26T16:50:35.051993Z"}, {"uuid": "c5fc1a76-7505-4b47-a340-26544afe833c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://thehackernews.com/2025/06/critical-rce-flaws-in-cisco-ise-and-ise.html", "content": "", "creation_timestamp": "2025-06-26T11:24:00.000000Z"}, {"uuid": "65604607-e517-4e4e-b90e-e51000d6d61d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-608/", "content": "", "creation_timestamp": "2025-07-17T03:00:00.000000Z"}, {"uuid": "d11a5e31-34a5-4b02-b5a4-2a1048dda046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0204", "content": "", "creation_timestamp": "2025-07-17T15:33:07.000000Z"}, {"uuid": "96b7122c-8817-4abe-801f-6916536966a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-68e08468-847737c6adef6f88", "content": "", "creation_timestamp": "2025-07-18T05:51:58.752583Z"}, {"uuid": "491bfa5c-e40e-4871-a121-502e18b26fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/ha3ks.com/post/3luilgtqdac2w", "content": "", "creation_timestamp": "2025-07-21T18:07:35.350725Z"}, {"uuid": "cf5777ea-6ec2-4405-b0c2-bc52d7386dde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-ddae93d2-2612a98c6137f85b", "content": "", "creation_timestamp": "2025-07-23T08:18:00.933144Z"}, {"uuid": "f5559333-3422-47e2-a443-b04e1083bc8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0204", "content": "", "creation_timestamp": "2025-07-23T05:46:25.000000Z"}, {"uuid": "972f8822-78c7-4815-9ed4-39d2a83c9a1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3lukthnrqtk26", "content": "", "creation_timestamp": "2025-07-22T15:36:36.123195Z"}, {"uuid": "aca8a20f-3afe-4a18-9713-945bac2413ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://infosec.exchange/users/Opalsec/statuses/114899134990644269", "content": "", "creation_timestamp": "2025-07-22T22:02:30.016555Z"}, {"uuid": "3674ecb3-0d8d-4263-8364-425911894aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lugcv4lzhk2b", "content": "", "creation_timestamp": "2025-07-20T20:29:11.725959Z"}, {"uuid": "cdf0d8f6-0298-459b-8e41-f73198eed075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20282", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3luntgs5huc2n", "content": "", "creation_timestamp": "2025-07-23T20:14:04.292728Z"}, {"uuid": "a6129f75-9604-4120-82bd-55cf36d81a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lunvt6bh2s26", "content": "", "creation_timestamp": "2025-07-23T20:56:49.994323Z"}, {"uuid": "8d7bfefe-2320-4ac6-b3ff-a1ba48f4c604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lupmrisvh225", "content": "", "creation_timestamp": "2025-07-24T13:20:08.619628Z"}, {"uuid": "d1d73d65-8419-40e7-b6d7-c94a30193709", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1579", "content": "", "creation_timestamp": "2025-06-26T04:00:00.000000Z"}, {"uuid": "dacf1b4e-89bf-4d76-9047-c33307f1ee6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lv36rter3k2r", "content": "", "creation_timestamp": "2025-07-29T03:41:41.622313Z"}, {"uuid": "dc22ef52-3916-4801-84c4-6abdc8e4a3f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "MISP/2bceffac-02c3-4c54-a709-6e253b38ec76", "content": "", "creation_timestamp": "2025-09-09T20:56:43.000000Z"}, {"uuid": "7cf0bfbc-be3c-4064-bcec-dc43df23161a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mdj6cd4k6624", "content": "", "creation_timestamp": "2026-01-28T21:03:04.061778Z"}, {"uuid": "3f68c193-4821-4f23-96c3-284336d5c6e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2025", "content": "", "creation_timestamp": "2025-06-26T07:49:21.000000Z"}, {"uuid": "5f0f5269-7687-4d8c-9570-2027cef23073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://t.me/true_secator/7172", "content": "Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 Cisco Identity Services Engine (ISE) \u0438 Passive Identity Connector (ISE-PIC).\n\nCVE-2025-20281\u00a0\u0438\u00a0CVE-2025-20282 \u0438\u043c\u0435\u044e\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 10,0).\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u0438 ISE \u0438 ISE-PIC 3.4 \u0438 3.3, \u0442\u043e\u0433\u0434\u0430 \u043a\u0430\u043a \u0432\u0442\u043e\u0440\u0430\u044f - \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044e 3.4.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u043f\u0440\u0438\u0447\u0438\u043d\u0430 CVE-2025-20281 - \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u043c \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c API, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 API \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2025-20282 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u043c API, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0446\u0435\u043b\u0435\u0432\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u0445 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root.\n\n\u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u0430\u0445\u0432\u0430\u0442\u0443 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 Cisco \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0441\u0447\u0438\u0442\u0430\u0435\u0442 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u043d\u043e\u0432\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043e\u043c \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 3.3 Patch 6 (ise-apply-CSCwo99449_3.3.0.430_patch4) \u0438 3.4 Patch 2 (ise-apply-CSCwo99449_3.4.0.608_patch1) \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0434\u0438\u043d\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c\u044b\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\nCisco \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c, \u043a\u0430\u0441\u0430\u044e\u0449\u0438\u0439\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, CVE-2025-20264, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 ISE.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0430\u0434\u0435\u043a\u0432\u0430\u0442\u043d\u044b\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 SAML SSO \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c \u0443\u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u0435\u043d\u0438\u0439.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438, \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e SSO, \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434 \u0434\u043b\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\nCVE-2025-20264 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 ISE \u0434\u043e \u0432\u0435\u0442\u043a\u0438 3.4. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 3.4 Patch 2 \u0438 3.3 Patch 5. \n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043e\u0431\u0435\u0449\u0430\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f 3.2 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c 3.2 Patch 8, \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u043d\u043e\u044f\u0431\u0440\u044c 2025 \u0433\u043e\u0434\u0430.\n\nISE 3.1 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b, \u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f, \u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0442\u043a\u0443 \u0432\u044b\u043f\u0443\u0441\u043a\u0430.", "creation_timestamp": "2025-06-26T18:49:00.000000Z"}, {"uuid": "2a369ed4-7f5b-40ef-8a2a-f2c68d7df5de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/18657", "content": "\ud83d\udea8CVE-2025-20281 &amp; CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC\n\n\u2022 CVSS: 10\n\u2022 ZoomEye Dork: app=\"Cisco ISE\"\n\u2022 Results: 1,937\n\u2022 Advisory:\ngithub.com/advisories/GHSA-rc4f-42xm-hvjw and github.com/advisories/GHSA-w8p2-wjjr-hr24\n\n\u2022 PoC: github.com/abrewer251/CVE-2025-20281-2-Citrix-ISE-RCE\n\n\u2022 ZoomEye Search: zoomeye.ai/searchResult?q=YXBwPSJDaXNjbyBJU0Ui\n\nhttps://darkwebinformer.com/cve-2025-20281-cve-2025-20282-unauthenticated-rce-vulnerabilities-in-cisco-ise-and-ise-pic/\n\n\u2014\u2014\u2014\u2014\u2014\n\nFollow @zoomeye_team's official Twitter/X account and send the message \u201cDark Web Informer\u201d via DM to receive an extra 15-day membership. \ud83d\udc99", "creation_timestamp": "2025-06-30T19:28:14.000000Z"}, {"uuid": "0174163f-9c1c-45eb-9282-22bfc352bd19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/56354", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aProof of concept of CVE-2025-20282, the perfect 10.\nURL\uff1ahttps://github.com/skadevare/CiscoISE-CVE-2025-20282-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-21T10:46:38.000000Z"}, {"uuid": "2eddc9d0-c3ab-469d-9182-d161a048d35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19481", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20282\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root.\n\nThis vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.\n\ud83d\udccf Published: 2025-06-25T16:29:12.357Z\n\ud83d\udccf Modified: 2025-06-25T16:29:12.357Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6", "creation_timestamp": "2025-06-25T16:47:36.000000Z"}, {"uuid": "8e5b6f9f-0982-48d0-a07c-e7ce6f49d13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "exploited", "source": "https://t.me/true_secator/7258", "content": "\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cisco Identity Services Engine (ISE), \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438, \u0442\u0435\u043f\u0435\u0440\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0421\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0430 Cisco PSIRT \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430, \u043d\u043e \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0431\u044b\u043b\u0438 \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u043c 25 \u0438\u044e\u043d\u044f 2025 \u0433. (CVE-2025-20281 \u0438 CVE-2025-20282) \u0438 16 \u0438\u044e\u043b\u044f 2025 \u0433. (CVE-2025-20337):\n\n- CVE-2025-20281: RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Cisco Identity Services Engine (ISE) \u0438 ISE Passive Identity Connector (ISE-PIC). \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 API-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u0432 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u041e\u0421 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 ISE 3.3 (\u043f\u0430\u0442\u0447 7) \u0438 3.4 (\u043f\u0430\u0442\u0447 2).\n\n- CVE-2025-20282:\u00a0\u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 Cisco ISE \u0438 ISE-PIC \u0432\u0435\u0440\u0441\u0438\u0438 3.4. \u041e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0438\u0445 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 ISE 3.4 (\u043f\u0430\u0442\u0447 2).\n\n- CVE-2025-20337:\u00a0RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Cisco ISE \u0438 ISE-PIC. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b API \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f \u0431\u0435\u0437 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 ISE 3.3 (\u043f\u0430\u0442\u0447 7) \u0438 3.4 (\u043f\u0430\u0442\u0447 2).\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVSS: 10,0) \u0438 \u043c\u043e\u0433\u0443\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nCisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0430\u0442\u0447\u0430 \u0434\u043b\u044f \u0442\u0440\u0451\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0432\u0438\u0434\u0443 \u0440\u0430\u0437\u043d\u0438\u0446\u044b \u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u0414\u043b\u044f \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0441\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f: \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c ISE 3.3 - \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u0430\u0442\u0447\u0430 7, \u0430 \u0434\u043b\u044f 3.4 - \u0434\u043e \u043f\u0430\u0442\u0447\u0430 2.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c ISE 3.2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439. \u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0442.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043a\u0440\u0430\u0439\u043d\u0435 \u0432\u0430\u0436\u043d\u043e \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u044e\u0449\u0438\u0445 \u0440\u0438\u0441\u043a\u043e\u0432.", "creation_timestamp": "2025-07-22T18:33:36.000000Z"}, {"uuid": "a197da17-d7b6-4c64-9075-d20a7ccafcd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1206", "content": "\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 API \u062e\u0635\u0648\u0635\u06cc \u067e\u0644\u062a\u0641\u0631\u0645 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0633\u06cc\u0627\u0633\u062a \u0627\u062a\u0635\u0627\u0644 \u0645\u0648\u062a\u0648\u0631 \u062e\u062f\u0645\u0627\u062a \u0647\u0648\u06cc\u062a \u0633\u06cc\u0633\u06a9\u0648 (ISE) \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0648\u062c\u0648\u062f \u0645\u06a9\u0627\u0646\u06cc\u0632\u0645\u06cc \u0628\u0631\u0627\u06cc \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0641\u0627\u06cc\u0644\u200c\u0647\u0627\u06cc \u0622\u067e\u0644\u0648\u062f \u0634\u062f\u0647 . \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0622\u067e\u0644\u0648\u062f \u06cc\u06a9 \u0641\u0627\u06cc\u0644 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u06cc\u0634\u0647 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\n\nBDU:2025-07648\n\nCVE-2025-20282\n\n\u0646\u0635\u0628 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0645\u0639\u062a\u0628\u0631\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u061b\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0637\u0631\u062d \u0644\u06cc\u0633\u062a \u0633\u0641\u06cc\u062f\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u0622\u0646\u062a\u06cc\u200c\u0648\u06cc\u0631\u0648\u0633 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0627\u0632 \u0646\u0641\u0648\u0630 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc (\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u062b\u0628\u062a) \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634\u200c\u0647\u0627\u06cc \u0628\u0631\u0627\u06cc \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627.\n\n\n\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062a\u0648\u0635\u06cc\u0647\u200c\u0646\u0627\u0645\u0647:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR\n\u06af\u0631\u0648\u0647 \u0627\u06cc\u062a\u0627:\nhttps://eitaa.com/joinchat/1866007784Cfd023f90b2", "creation_timestamp": "2025-06-29T13:21:20.000000Z"}, {"uuid": "200e4f5c-5bc7-48f9-9287-e9122ff603c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://t.me/DarkWebInformer_News/5920", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: CVE-2025-20281 &amp; CVE-2025-20282: Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC\nLink: https://darkwebinformer.com/cve-2025-20281-cve-2025-20282-unauthenticated-rce-vulnerabilities-in-cisco-ise-and-ise-pic/", "creation_timestamp": "2025-06-30T19:28:54.000000Z"}, {"uuid": "26667e90-dad4-42b1-b7ea-79199cb556c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "Telegram/bI-7REFVwRUdOiN1Ul8ELpm8l_QubaONa-FyYhBTCM1-lg", "content": "", "creation_timestamp": "2025-06-26T20:24:36.000000Z"}, {"uuid": "238015ef-2d77-48aa-b945-2490d7e05a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://t.me/true_secator/7242", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 Identity Services Engine (ISE) \u0438 ISE Passive Identity Connector, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0421\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u043d\u0435\u0441\u0435\u043d\u044b \u0432 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044e \u043e\u0442 25 \u0438\u044e\u043d\u044f, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0434\u0432\u0435 \u0442\u0430\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, CVE-2025-20281 \u0438 CVE-2025-20282.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f CVE \u0441 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043e \u0435\u0435 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20337 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10/10, \u0442\u0430\u043a\u0443\u044e \u0436\u0435, \u043a\u0430\u043a \u0438 \u0434\u0432\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u0442 \u0436\u0435 API, \u0447\u0442\u043e \u0438 CVE-2025-20281.\n\n\u041c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 API Cisco ISE \u0438 Cisco ISE-PIC \u043f\u043e\u0437\u0432\u043e\u043b\u044e\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u041e\u0421 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u0444\u0430\u0431\u0440\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 API \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 root \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Cisco ISE \u0438 ISE-PIC \u0432\u0435\u0440\u0441\u0438\u0439 3.3 \u0438 3.4 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 3.3 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 7 \u0438 3.4 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 2.\n\nCisco \u0442\u0430\u043a\u0436\u0435\u00a0\u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430\u00a0\u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2025-20274 (CVSS 6,3) - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Unified Intelligence Center, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u041d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0444\u0430\u0439\u043b\u043e\u0432, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u043c\u044b\u0445 \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0445\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root, \u0447\u0442\u043e \u043f\u043e\u0432\u044b\u0448\u0430\u0435\u0442 \u0435\u0451 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u044c.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Unified Intelligence Center 12.5(1) SU ES05 \u0438 12.6(2) ES05. Cisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Unified CCX \u0432\u0435\u0440\u0441\u0438\u0439 12.5(1) SU3 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0432\u0435\u0440\u0441\u0438\u044e 15, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u0430 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 ISE \u0438 ISE-PIC, Evolved Programmable Network Manager (EPNM), Prime Infrastructure \u0438 Unified Intelligence Center.\n\nCisco \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.", "creation_timestamp": "2025-07-17T13:41:05.000000Z"}, {"uuid": "9406091d-3062-487b-a8a6-fadbedc06265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20282", "type": "seen", "source": "https://t.me/TheDarkWebInformer/18513", "content": "\ud83d\udea8Critical Cisco ISE Vulnerabilities, CVE-2025-20281 &amp; CVE-2025-20282\n\nTwo unauthenticated RCE flaws have been disclosed in Cisco ISE and ISE-PIC, allowing remote attackers to execute commands as root without credentials.\n\n CVE-2025-20281\n\u2022 Affects: ISE 3.3 &amp; 3.4\n\u2022 Flaw: Improper input validation in external API\n\u2022 CVSS: 9.8\n\nCVE-2025-20282\n\u2022 Affects: ISE 3.4\n\u2022 Flaw: Internal API permits privileged file uploads\n\u2022 CVSS: 10.0 (Critical)\n\nFull advisory:\nhttps://www.cisco.com/c/en/us/support/docs/field-notices/704/fn70475.html\n\nCVE-2025-20281:\nhttps://www.cvedetails.com/cve/CVE-2025-20281/\n\nCVE-2025-20282:\nhttps://www.cvedetails.com/cve/CVE-2025-20282/", "creation_timestamp": "2025-06-26T15:28:30.000000Z"}]}