Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release

Cisco Patches ISE Security Vulnerability After Public PoC Exploit Release
嗯，用户让我帮忙总结一下这篇文章的内容，控制在100字以内，而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。首先，我需要通读整篇文章，抓住主要信息。文章主要讲的是Cisco发布了安全更新，修复了身份服务引擎（ISE）和被动身份连接器（ISE-PIC）中的一个中等严重程度的安全漏洞。这个漏洞被追踪为CVE-2026-20029，CVSS评分为4.9。问题出在许可证功能上，攻击者可以利用恶意文件上传来获取敏感信息。然后，文章提到这个漏洞是由Trend Micro的Bobby Gould发现的，并且已经发布了PoC利用代码。受影响的版本包括3.2到3.4的不同补丁版本，而3.5版本则不受影响。Cisco指出没有解决方法可用，并且已经知道PoC的存在。此外，Cisco还修复了另外两个中等严重程度的漏洞，涉及DCE/RPC请求处理的问题，可能影响Snort 3检测引擎。这些漏洞由Trend Micro的Guy Lederfein报告，并影响了多个Cisco产品。最后，文章提醒用户及时更新到最新版本以确保安全。现在我需要把这些信息浓缩到100字以内。重点包括：Cisco修复了ISE和ISE-PIC中的中等漏洞CVE-2026-20029；该漏洞可能导致敏感信息泄露；已发布PoC；修复版本；另外两个漏洞CVE-2026-20026和CVE-2026-20027；影响的产品；建议用户更新。可能需要省略一些细节，比如具体的CVSS评分和受影响的具体版本号，但要保留关键点：漏洞名称、影响、攻击方式、修复情况以及额外的漏洞信息。最终总结应该简洁明了，涵盖所有重要信息。 </think> Cisco修复了身份服务引擎（ISE）和被动身份连接器（ISE-PIC）中的中等严重漏洞CVE-2026-20029，该漏洞可能导致敏感信息泄露。攻击者可利用恶意文件上传获取系统文件。 Cisco还修复了Snort 3中的两个中等漏洞（CVE-2026-20026和CVE-2026-20027），涉及拒绝服务和信息泄露风险。用户应更新至最新版本以增强安全性。 2026-1-8 10:44:0 Author: thehackernews.com(查看原文) 阅读量:5 收藏

Network Security / Vulnerability

Cisco has released updates to address a medium-severity security flaw in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) with a public proof-of-concept (PoC) exploit.

The vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), resides in the licensing feature and could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.

"This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC," Cisco said in a Wednesday advisory. "An attacker could exploit this vulnerability by uploading a malicious file to the application."

Successful exploitation of the shortcoming could allow an attacker with valid administrative credentials to read arbitrary files from the underlying operating system, which the company said should be off-limits even to administrators.

Bobby Gould of Trend Micro Zero Day Initiative has been credited with discovering and reporting the flaw. It affects the following versions -

Cisco ISE or ISE-PIC Release earlier than 3.2 - Migrate to a fixed release
Cisco ISE or ISE-PIC Release 3.2 - 3.2 Patch 8
Cisco ISE or ISE-PIC Release 3.3 - 3.3 Patch 8
Cisco ISE or ISE-PIC Release 3.4 - 3.4 Patch 4
Cisco ISE or ISE-PIC Release 3.5 - Not vulnerable

Cisco said there are no workarounds to address the flaw, adding it's aware of the availability of a PoC exploit code. There are no indications that it has been exploited in the wild.

In tandem, the networking equipment company also shipped fixes for two other medium-severity bugs stemming from the processing of Distributed Computing Environment Remote Procedure Call (DCE/RPC) requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, impacting availability.

Trend Micro researcher Guy Lederfein has acknowledged for reporting the flaws. The details of the issues are as follows -

CVE-2026-20026 (CVSS score: 5.8) - Snort 3 DCE/RPC denial-of-service vulnerability
CVE-2026-20027 (CVSS score: 5.3) - Snort 3 DCE/RPC information disclosure vulnerability

They affect a number of Cisco products -

Cisco Secure Firewall Threat Defense (FTD) Software, if Snort 3 was configured
Cisco IOS XE Software
Cisco Meraki software

With vulnerabilities in Cisco products frequently targeted by bad actors, it's crucial that users update to the latest version for adequate protection.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

文章来源: https://thehackernews.com/2026/01/cisco-patches-ise-security.html
如有侵权请联系:admin#unsafe.sh