Zero Day Initiative — CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
On January 25th, 2025, the Trend Zero Day Initiative (ZDI) received a report from Kentaro Kawane of GMO Cybersecurity by Ierae regarding a deserialization of untrusted data vulnerability in Cisco Identity Services Engine (ISE). This pre-authentication vulnerability existed in the enableStrongSwanTun| Zero Day Initiative
