Cisco has issued a high-severity security advisory for a vulnerability affecting its Identity Services Engine (ISE), warning that the flaw could allow unauthenticated remote attackers to trigger a denial of service (DoS) condition on affected devices.

CVE-2025-20152

The vulnerability, tracked as CVE-2025-20152, stems from improper handling of certain RADIUS authentication requests within Cisco ISE, a widely used solution for network access control. If exploited, the flaw could cause ISE to reload unexpectedly, disrupting network authentication services and potentially causing widespread outages.

Cisco rates the vulnerability with a CVSS base score of 8.6, marking it as high severity. It affects systems where RADIUS services are enabled, as they are in the default configuration. Devices configured for TACACS+ only are not impacted.

Mitigation of CVE-2025-20152

There are currently no known workarounds to mitigate the risk associated with this vulnerability. However, Cisco has released software patches to address the issue. The company recommends that all customers using Cisco ISE for RADIUS authentication upgrade to the latest patched versions.

According to Cisco’s advisory (ID: cisco-sa-ise-restart-ss-uf986G2Q), the vulnerability is resolved in Cisco ISE Release 3.4 Patch 1 (3.4P1). Release 3.3 and earlier are not affected by this flaw.

The advisory notes that the vulnerability was discovered during internal security testing and that there is no evidence of public exploitation or malicious use at this time.

The full security advisory, including fixed release information and upgrade instructions, is available on the Cisco Security Advisory portal.

As enterprise network security continues to face sophisticated threats, timely patching and proper configuration remain key to maintaining resilience.
