
A critical vulnerability has been identified in Cisco's Identity Services Engine (ISE) deployments across major cloud platforms, including Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI). This flaw, designated as CVE-2025-20286, carries a near-maximum Common Vulnerability Scoring System (CVSS) score of 9.9, underscoring its severity.
The root of this vulnerability lies in the improper generation of credentials during the deployment of Cisco ISE on these cloud platforms. Specifically, deployments of the same software release on the same cloud platform share identical credentials. This uniformity creates a significant security risk, as an attacker who gains access to one instance can potentially exploit others with the same credentials.
Exploitation of this vulnerability could allow unauthorized actors to access sensitive data, perform limited administrative operations, modify system configurations, or disrupt services within the affected systems. The impacted platforms and versions include:
- AWS: Versions 3.1, 3.2, 3.3, and 3.4
- Azure: Versions 3.2, 3.3, and 3.4
- OCI: Versions 3.2, 3.3, and 3.4
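To make the root cause concrete, the following is an added example, not Cisco's code and not a description of how ISE actually derives its credentials: a hypothetical deterministic derivation that reproduces the collision described above (identical credentials for every deployment of the same release on the same platform) sits beside a per-deployment random secret, and an audit helper flags instances in a constructed inventory whose credential fingerprints match.

```python
"""Model of the shared-credential flaw (added illustration; names, records and the
derivation are constructed, not taken from Cisco ISE)."""
import hashlib
import secrets
from collections import defaultdict


def static_credential(platform: str, release: str) -> str:
    """Flawed pattern (hypothetical model of the bug): the secret depends only on the
    image identity, so two deployments of one release on one cloud get the same value."""
    return hashlib.sha256(f"{platform}:{release}".encode()).hexdigest()[:32]


def per_deployment_credential() -> str:
    """Correct pattern: an independent high-entropy secret drawn at deploy time."""
    return secrets.token_urlsafe(24)


def fingerprint(credential: str) -> str:
    """The audit stores and compares only a hash, never the plaintext secret."""
    return hashlib.sha256(credential.encode()).hexdigest()


def find_shared_credentials(inventory: list[dict]) -> list[list[str]]:
    """Group instance names whose credential fingerprints are identical.

    inventory: records like {"instance": "ise-aws-1", "fingerprint": "<sha256>"}.
    Returns sorted groups of two or more instances sharing one credential.
    """
    by_fp = defaultdict(list)
    for rec in inventory:
        by_fp[rec["fingerprint"]].append(rec["instance"])
    return [sorted(names) for names in by_fp.values() if len(names) > 1]


# Constructed fleet: two deployments built with the flawed pattern and one that was
# redeployed with a per-deployment secret.
FLEET = [
    {"instance": "ise-aws-1", "fingerprint": fingerprint(static_credential("aws", "3.4"))},
    {"instance": "ise-aws-2", "fingerprint": fingerprint(static_credential("aws", "3.4"))},
    {"instance": "ise-aws-3", "fingerprint": fingerprint(per_deployment_credential())},
]

if __name__ == "__main__":
    print(find_shared_credentials(FLEET))  # [['ise-aws-1', 'ise-aws-2']]
```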
This incident highlights the critical importance of secure credential management in cloud environments. Organizations are advised to regularly audit their systems for such vulnerabilities and apply security updates promptly to safeguard against potential exploits.
Source: Dark Reading https://www.darkreading.com/vulnerabilities-threats/cisco-warns-critical-static-credential-vulnerability/