CVE-2025-20130: Cisco Identity Services Engine Access Control Bypass Vulnerability

4.9 CVSS

Description

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.

This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Classification

CVE ID: CVE-2025-20130

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.9

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Problem Types

Improper Access Control

Affected Products

Vendor: Cisco

Product: Cisco Identity Services Engine Software

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 8.0% (scored less or equal to compared to others)

EPSS Date: 2025-06-06 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-20130
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY

Timeline

2025-06-04 16:00:45 UTC
Cisco Security Advisory

Cisco Identity Services Engine Arbitrary File Upload Vulnerability
2025-06-04 17:40:15 UTC
CVE

Cisco Identity Services Engine Access Control Bypass Vulnerability