CVE-2025-20131: 
Cisco ISE vulnerability analysis and mitigation

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) was discovered, tracked as CVE-2025-20131. The vulnerability allows an authenticated remote attacker with administrative privileges to upload files to affected devices. The issue was disclosed on August 20, 2025, affecting Cisco ISE software versions 3.1 through 3.4 (Cisco Advisory).

The vulnerability stems from improper validation of the file copy function in the Cisco ISE GUI. It has been assigned a CVSS v3.1 base score of 4.9 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N. The vulnerability is classified under CWE-284 (Improper Access Control) (NVD, Cisco Advisory).

A successful exploitation of this vulnerability allows an attacker to upload arbitrary files to the affected system. While the attack requires administrative privileges, it could potentially lead to system compromise through malicious file uploads (Cisco Advisory).

Cisco has released software updates to address this vulnerability. The fixed versions include ISE 3.1 P10, 3.2 P7, and 3.3 P3. Version 3.4 is not vulnerable to this issue. No workarounds are available, making it critical for affected users to upgrade to the patched versions (Cisco Advisory).