The U.S. CISA has issued a critical alert highlighting three high-impact vulnerabilities affecting Cisco ISE and PaperCut NG/MF, which are being actively exploited. These flaws pose severe risks to enterprise networks, emphasizing the importance of immediate patching and monitoring. #CiscoISE #PaperCut #KEV
Keypoints
- CISA has added three high-impact vulnerabilities to its KEV Catalog, affecting Cisco ISE and PaperCut NG/MF.
- Two Cisco ISE flaws (CVE‑2025‑20281 and CVE‑2025‑20337) allow unauthenticated remote code execution with CVSS scores of 10.0.
- The vulnerabilities in Cisco ISE could enable attackers to bypass security policies and gain deep control over IT infrastructure.
- The PaperCut CSRF flaw (CVE‑2023‑2533) allows malicious links to alter configurations or execute commands on affected systems.
- Immediate patching, system monitoring, and network segmentation are recommended to mitigate these critical vulnerabilities.
Read More: https://thecyberexpress.com/cisa-adds-cisco-ise-papercut-flaws/