Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE).
The critical vulnerability was first disclosed on June 25, 2025, with Cisco warning that it impacts ISE and ISE-PIC versions 3.3 and 3.4, allowing unauthenticated, remote attackers to upload arbitrary files to the target system and execute them with root privileges.
The issue stems from unsafe deserialization and command injection in the enableStrongSwanTunnel() method.
Three weeks later, the vendor added one more flaw to the same bulletin, CVE-2025-20337, which relates to the same flaw but is now broken down into two parts, CVE-2025-20281 (command injection) and CVE-2025-20337 (deserialization).
Although hotfixes were previously made available, Cisco urged users to update to 3.3 Patch 7 and 3.4 Patch 2 to address both vulnerabilities.
On July 22, 2025, Cisco marked both CVE-2025-20281 and CVE-2025-20337 as actively exploited in attacks, urging admins to apply the security updates as soon as possible.
With sufficient time having passed, allowing administrators to apply the updates, Gould has now published his write-up, where he demonstrates triggering the command injection flaw in Cisco ISE via a serialized Java String[] payload.
The researcher achieves arbitrary command execution as root inside a Docker container by exploiting the behavior of Java's Runtime.exec() and using ${IFS} to bypass argument tokenization issues.
Finally, Gould demonstrates how to escape from the privileged Docker container and gain root access on the host system using a well-known Linux container escape technique based on cgroups and release_agent.
Malicious request triggering the exploit
... continue reading