Cisco Identity Services Engine
cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*
- ~3.3
- ~3.4
This vulnerability is being actively exploited in the wild.
A vulnerability exists in a specific API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) versions 3.3 and 3.4. This vulnerability allows an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system with root privileges. The issue arises from insufficient validation of user-supplied input, enabling attackers to exploit the vulnerability by sending crafted API requests.
Exploitation of this vulnerability could lead to unauthorized execution of code with root privileges on the affected system.
Cisco has released software updates that address this vulnerability. Customers running Cisco ISE Release 3.4 Patch 2 do not need to take any further action. Those on Release 3.3 Patch 6 should upgrade to Release 3.3 Patch 7. For systems with hot patches applied, Cisco recommends upgrading to Release 3.3 Patch 7 or Release 3.4 Patch 2. Instructions for upgrading can be found in the Cisco Identity Service Engine Upgrade Guides.