Cisco has released fixes for a dozen vulnerabilities in its products, including a critical-severity flaw (CVE-2025-20286, CVSS 9.9) in cloud deployments of Identity Services Engine (ISE) on AWS, Azure, and OCI. The flaw arises from improperly generated, shared credentials across ISE deployments, enabling attackers to access sensitive data, perform limited admin operations, and disrupt services. This issue affects ISE versions 3.1 to 3.4 with cloud-based Primary Administration nodes, and proof-of-concept (PoC) exploit code exists. Cisco has released hot fixes and advises upgrading to eliminate the risk.

‍