{"id":22612,"date":"2025-07-03T00:05:00","date_gmt":"2025-07-03T03:05:00","guid":{"rendered":"https:\/\/www.ethicalhacker.com.br\/site\/?p=22612"},"modified":"2025-06-26T18:38:16","modified_gmt":"2025-06-26T21:38:16","slug":"vulnerabilidades-criticas-no-cisco-ise-e-ise-pic","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2025\/07\/basico\/vulnerabilidades-criticas-no-cisco-ise-e-ise-pic\/","title":{"rendered":"Critical vulnerabilities in Cisco ISE and ISE-PIC"},"content":{"rendered":"\n<p data-start=\"216\" data-end=\"333\"><strong>Critical vulnerabilities in Cisco ISE and ISE-PIC allow remote code execution by unauthenticated attackers<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"335\" data-end=\"485\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Cisco has released security updates to fix two maximum-severity flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC).<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">These vulnerabilities allow unauthenticated attackers to execute arbitrary commands with root privileges, seriously compromising the security of the network infrastructure.<\/span><\/p>\n<p data-start=\"335\" data-end=\"485\">\u00a0<\/p>\n<p data-start=\"487\" data-end=\"521\"><strong>Description of the vulnerabilities<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"523\" data-end=\"639\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">The flaws are tracked as CVE-2025-20281 and CVE-2025-20282, both with the maximum CVSS score of 10.0, indicating critical risk.<\/span> <span class=\"relative 
-mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">They affect specific versions of Cisco ISE and ISE-PIC, as detailed below:<\/span><\/p>\n<ul data-start=\"641\" data-end=\"923\">\n<li data-start=\"641\" data-end=\"781\">\n<p style=\"text-align: justify;\" data-start=\"643\" data-end=\"781\"><strong data-start=\"643\" data-end=\"661\">CVE-2025-20281<\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">A remote code execution (RCE) vulnerability that affects Cisco ISE and ISE-PIC versions 3.3 and later.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">It results from insufficient validation of user-supplied input, allowing an unauthenticated remote attacker to send a crafted API request to obtain elevated privileges and execute arbitrary commands on the underlying operating system with root privileges.<\/span><\/p>\n<\/li>\n<li data-start=\"783\" data-end=\"923\">\n<p style=\"text-align: justify;\" data-start=\"785\" data-end=\"923\"><strong data-start=\"785\" data-end=\"803\">CVE-2025-20282<\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Another RCE vulnerability, affecting Cisco ISE and ISE-PIC version 3.4.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">It stems from a lack of adequate checks when validating uploaded files, allowing an unauthenticated remote attacker to upload arbitrary files to privileged directories and execute those files on the underlying operating system with root privileges.<\/span><\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p data-start=\"925\" data-end=\"946\"><strong>Potential impact<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"948\" data-end=\"1066\"><span class=\"relative
-mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Successful exploitation of these flaws can give unauthenticated attackers full control over affected systems, executing arbitrary commands with root privileges.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">This can lead to significant compromises of network security, including theft of sensitive data, service disruption and lateral spread of attacks within the corporate infrastructure.<\/span><\/p>\n<p data-start=\"948\" data-end=\"1066\">\u00a0<\/p>\n<p data-start=\"1068\" data-end=\"1093\"><strong>Available fixes<\/strong><\/p>\n<p data-start=\"1095\" data-end=\"1173\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Cisco has released security updates to mitigate these vulnerabilities:<\/span><\/p>\n<ul data-start=\"1175\" data-end=\"1387\">\n<li data-start=\"1175\" data-end=\"1280\">\n<p data-start=\"1177\" data-end=\"1280\"><strong data-start=\"1177\" data-end=\"1200\">For CVE-2025-20281<\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Updates are available for Cisco ISE or ISE-PIC 3.3 Patch 6 and 3.4 Patch 2.<\/span><\/p>\n<\/li>\n<li data-start=\"1282\" data-end=\"1387\">\n<p data-start=\"1284\" data-end=\"1387\"><strong data-start=\"1284\" data-end=\"1307\">For CVE-2025-20282<\/strong>: <span class=\"relative -mx-px my-[-0.2rem] rounded px-px 
py-[0.2rem] transition-colors duration-100 ease-in-out\">Updates are available for Cisco ISE or ISE-PIC 3.4 Patch 2.<\/span><\/p>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p style=\"text-align: justify;\" data-start=\"1389\" data-end=\"1507\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Note that there are no effective workarounds for these flaws.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">It is therefore essential that system administrators apply the updates provided by Cisco as soon as possible to protect their networks against possible exploitation.<\/span><\/p>\n<p data-start=\"1389\" data-end=\"1507\">\u00a0<\/p>\n<p data-start=\"1509\" data-end=\"1545\"><strong>Researcher acknowledgment<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"1547\" data-end=\"1665\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Cisco credited researchers Bobby Gould, of Trend Micro Zero Day Initiative, and Kentaro Kawane, of GMO Cybersecurity, with identifying and reporting these vulnerabilities.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Their contribution was fundamental to the timely fix of these security issues.<\/span><\/p>\n<p data-start=\"1547\" data-end=\"1665\">\u00a0<\/p>\n<p data-start=\"1667\" data-end=\"1680\"><strong>Conclusion<\/strong><\/p>\n<p style=\"text-align: justify;\" data-start=\"1682\" data-end=\"1800\"><span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Although there is no evidence of active exploitation of these vulnerabilities, the severity of the flaws and the high risk associated with remote code execution with root privileges make it essential that system administrators update their affected environments without delay.<\/span> <span class=\"relative -mx-px my-[-0.2rem] rounded px-px py-[0.2rem] transition-colors duration-100 ease-in-out\">Applying the fixes provided by Cisco is the most effective measure to protect network infrastructures against possible attacks.<\/span><\/p>\n<p data-start=\"1682\" data-end=\"1800\">\u00a0<\/p>\n<p data-start=\"1682\" data-end=\"1800\">Source and images: <a href=\"https:\/\/thehackernews.com\/2025\/06\/critical-rce-flaws-in-cisco-ise-and-ise.html\" target=\"_blank\" rel=\"noopener\">https:\/\/thehackernews.com\/2025\/06\/critical-rce-flaws-in-cisco-ise-and-ise.html<\/a><\/p>\n<p data-start=\"1802\" data-end=\"1880\">\u00a0<\/p>\n\n\n","protected":false},"excerpt":{"rendered":"<p>Critical vulnerabilities in Cisco ISE and ISE-PIC allow remote code execution by unauthenticated attackers Cisco has released security updates to fix two maximum-severity flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). 
These vulnerabilities allow unauthenticated attackers to execute arbitrary commands with root privileges, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":22613,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,105],"tags":[],"class_list":["post-22612","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-noticias"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22612","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=22612"}],"version-history":[{"count":3,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22612\/revisions"}],"predecessor-version":[{"id":22616,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/22612\/revisions\/22616"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/22613"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=22612"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=22612"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=22612"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}