Cisco ISE related Vulnerability (CVE-2025-20152)

Marcelo Morais · ‎05-24-2025

Introduction
Summary
Workaround
Affected Products & Fixed Software
References

The Portuguese version of this Article can be found at: Vulnerabilidade que afeta o Cisco ISE (CVE-2025-20152) .

For an offline or printed copy of this document, simply choose ⋮ Options > Printer Friendly Page. You may then Print > Print to PDF or Copy & Paste to any other document format you like.

Introduction

Please be aware of the following CVE (Common Vulnerabilities and Exposures) of CVSS (Common Vulnerability Scoring System) High :

CVE-2025-20152 of May 21, 2025

described in:

CVE-2025-20152 Cisco Identity Services Engine RADIUS Denial of Service Vulnerability

CSCwm04960 Cisco Identity Services Engine RADIUS Denial of Service Vulnerability.

Summary

A vulnerability in the RADIUS message processing feature of Cisco ISE could allow an unauthenticated, remote attacker to cause a Denial of Service (DoS) on an affected device.

Workaround

There is no Workaround that will solve this vulnerability !!!

Affected Products & Fixed Software

The vulnerability affects Cisco ISE in the following versions:

To access the version of Cisco ISE that fixes this CVE:

3.4 P1 of December 18, 2024

References

Cisco Security Advisories

ISE - CVEs (versão Português) - Video

Marcelo Morais · ‎05-26-2025

@sherri54labrecque ,

thank you ... glad to be of help !!!

Renato Guardia · ‎09-19-2025

Thanks for sharing!

Marcelo Morais · ‎09-19-2025

@Renato Guardia ,

glad to be helpful !

Adonay dos Anjos · ‎09-29-2025

Obrigado por compartilhar

Marcelo Morais · ‎09-29-2025

@Adonay dos Anjos ,

sempre um prazer !