What is CVE-2025-20125?

CVE-2025-20125 is a critical-severity vulnerability in Cisco Identity Services Engine Software, classified under Improper Authorization. CVSS score: 9.1/10. Published 2025-02-05.

How severe is CVE-2025-20125?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Is CVE-2025-20125 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Cisco Identity Services Engine Software

CVE-2025-20125

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack…

EPSS: 0.021 (84.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H.

Affected products

Cisco Identity Services Engine Software — versions 3.0.0, 3.0.0 p1, 3.0.0 p2
Cisco Ise Passive Identity Connector — versions 3.0.0, 3.2.0, 3.1.0

Weakness classification (CWE)

CWE-285 — Improper Authorization

Public proof-of-concept exploits

References

cisco-sa-ise-multivuls-FTW9AOXF

Frequently asked questions

What is CVE-2025-20125?: CVE-2025-20125 is a critical-severity vulnerability in Cisco Identity Services Engine Software, classified under Improper Authorization. CVSS score: 9.1/10. Published 2025-02-05.
How severe is CVE-2025-20125?: Critical severity. CVSS v3 base score is 9.1 out of 10.
Is CVE-2025-20125 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.