{"id":10419,"date":"2025-07-29T12:30:53","date_gmt":"2025-07-29T05:30:53","guid":{"rendered":"https:\/\/infosec.new88088.net\/?p=10419"},"modified":"2026-02-05T12:31:00","modified_gmt":"2026-02-05T05:31:00","slug":"canh-bao-lo-hong-trong-cisco-ise-cho-phep-hacker-chiem-quyen-he-thong-tu-xa","status":"publish","type":"post","link":"https:\/\/infosec.new88088.net\/2025\/07\/29\/canh-bao-lo-hong-trong-cisco-ise-cho-phep-hacker-chiem-quyen-he-thong-tu-xa\/","title":{"rendered":"C\u1ea3nh b\u00e1o l\u1ed7 h\u1ed5ng trong Cisco ISE cho ph\u00e9p Hacker chi\u1ebfm quy\u1ec1n h\u1ec7 th\u1ed1ng t\u1eeb xa"},"content":{"rendered":"<div style=\"text-align: justify\"><b>C\u00e1c chuy\u00ean gia nghi\u00ean c\u1ee9u v\u1ec1 b\u1ea3o m\u1eadt v\u1eeba c\u00f4ng b\u1ed1 chi ti\u1ebft k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng chi\u1ebfm quy\u1ec1n \u0111i\u1ec1u khi\u1ec3n h\u1ec7 th\u1ed1ng Cisco ISE th\u00f4ng qua l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt CVE-2025-20281, m\u1ed9t l\u1ed7i nghi\u00eam tr\u1ecdng cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng t\u1eeb xa th\u1ef1c thi l\u1ec7nh v\u1edbi quy\u1ec1n root.<\/b><br \/>\n\u200b<\/div>\n<div style=\"text-align: center\"><a class=\"js-lbImage\" style=\"cursor: pointer\" href=\"https:\/\/whitehat.vn\/attachments\/1753771954826-png.17380\/\" target=\"_blank\" rel=\"noopener\" data-lb-sidebar-href=\"\" data-lb-caption-extra-html=\"\" data-fancybox=\"lb-thread-18609\" data-caption=\"&lt;h4&gt;1753771954826.png&lt;\/h4&gt;&lt;p&gt;&lt;a href=&quot;https:&amp;#x2F;&amp;#x2F;whitehat.vn&amp;#x2F;threads&amp;#x2F;canh-bao-lo-hong-trong-cisco-ise-cho-phep-hacker-chiem-quyen-he-thong-tu-xa.18609&amp;#x2F;#post-44118&quot; class=&quot;js-lightboxCloser&quot;&gt;WhiteHat Team \u00b7 29&amp;#x2F;07&amp;#x2F;2025 l\u00fac 1:55 PM&lt;\/a&gt;&lt;\/p&gt;\"><img fetchpriority=\"high\" decoding=\"async\" class=\"bbImage \" title=\"1753771954826.png\" src=\"https:\/\/whitehat.vn\/data\/attachments\/17\/17715-0c2cb7c2f83a8b11002174a8837ed490.jpg\" alt=\"1753771954826.png\" width=\"712\" height=\"400\" \/><\/a>\u200b<\/div>\n<div style=\"text-align: justify\">\nL\u1ed7 h\u1ed5ng CVE-2025-20281 n\u1eb1m trong h\u1ec7 th\u1ed1ng Cisco Identity Services Engine (ISE), m\u1ed9t n\u1ec1n t\u1ea3ng qu\u1ea3n l\u00fd truy c\u1eadp m\u1ea1ng \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng r\u1ed9ng r\u00e3i trong doanh nghi\u1ec7p. M\u1eb7c d\u00f9 l\u1ed7 h\u1ed5ng n\u00e0y \u0111\u00e3 \u0111\u01b0\u1ee3c Cisco c\u1ea3nh b\u00e1o t\u1eeb cu\u1ed1i th\u00e1ng 6 v\u00e0 b\u1ea3n v\u00e1 c\u0169ng \u0111\u00e3 \u0111\u01b0\u1ee3c ph\u00e1t h\u00e0nh, nh\u01b0ng chi ti\u1ebft c\u00e1ch khai th\u00e1c l\u1ea1i ch\u00ednh l\u00e0 &#8220;h\u1ed3i chu\u00f4ng c\u1ea3nh b\u00e1o&#8221; cho nh\u1eefng h\u1ec7 th\u1ed1ng ch\u01b0a k\u1ecbp c\u1eadp nh\u1eadt.<\/p>\n<p>Ph\u00e1t hi\u1ec7n t\u1ed3n t\u1ea1i hai l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt li\u00ean quan \u0111\u1ebfn nhau:\u200b<\/p><\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">CVE-2025-20281: L\u1ed7i command injection cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng g\u1eedi d\u1eef li\u1ec7u \u0111\u1eb7c bi\u1ec7t, t\u1eeb \u0111\u00f3 th\u1ef1c thi l\u1ec7nh h\u1ec7 th\u1ed1ng.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">CVE-2025-20337: L\u1ed7i unsafe deserialization, khi\u1ebfn ph\u1ea7n m\u1ec1m x\u1eed l\u00fd d\u1eef li\u1ec7u kh\u00f4ng an to\u00e0n, m\u1edf \u0111\u01b0\u1eddng cho m\u00e3 \u0111\u1ed9c x\u00e2m nh\u1eadp.\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">\u0110i\u1ec3m \u0111\u1eb7c bi\u1ec7t nguy hi\u1ec3m l\u00e0 kh\u00f4ng c\u1ea7n t\u00e0i kho\u1ea3n hay x\u00e1c th\u1ef1c g\u00ec c\u1ea3, hacker ch\u1ec9 c\u1ea7n truy c\u1eadp \u0111\u01b0\u1ee3c v\u00e0o h\u1ec7 th\u1ed1ng l\u00e0 c\u00f3 th\u1ec3 t\u1ea3i l\u00ean file \u0111\u1ed9c h\u1ea1i v\u00e0 th\u1ef1c thi v\u1edbi quy\u1ec1n root (c\u1ea5p \u0111\u1ed9 quy\u1ec1n cao nh\u1ea5t).<\/p>\n<p>Trong b\u00e0i c\u00f4ng b\u1ed1 quy tr\u00ecnh t\u1ea5n c\u00f4ng, c\u00e1c chuy\u00ean gia \u0111\u00e3 m\u00f4 t\u1ea3 m\u1ed9t chu\u1ed7i t\u1ea5n c\u00f4ng ho\u00e0n ch\u1ec9nh:\u200b<\/p><\/div>\n<ol>\n<li data-xf-list-type=\"ol\">\n<div style=\"text-align: justify\">G\u1eedi m\u1ed9t payload Java \u0111\u00e3 serialize \u0111\u1ec3 l\u1ee3i d\u1ee5ng l\u1ed7i deserialization.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ol\">\n<div style=\"text-align: justify\">K\u00edch ho\u1ea1t l\u1ec7nh th\u00f4ng qua h\u00e0m Runtime.exec() c\u1ee7a Java.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ol\">\n<div style=\"text-align: justify\">D\u00f9ng ${IFS} (k\u00fd t\u1ef1 \u0111\u1eb7c bi\u1ec7t thay cho kho\u1ea3ng tr\u1eafng) \u0111\u1ec3 v\u01b0\u1ee3t qua l\u1ed7i \u0111\u1ecbnh d\u1ea1ng \u0111\u1ed1i s\u1ed1 khi ch\u1ea1y l\u1ec7nh.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ol\">\n<div style=\"text-align: justify\">T\u1eeb \u0111\u00f3 chi\u1ebfm \u0111\u01b0\u1ee3c quy\u1ec1n root trong container Docker \u0111ang ch\u1ea1y Cisco ISE.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ol\">\n<div style=\"text-align: justify\">Sau \u0111\u00f3 s\u1eed d\u1ee5ng m\u1ed9t k\u1ef9 thu\u1eadt tr\u1ed1n tho\u00e1t ph\u1ed5 bi\u1ebfn d\u1ef1a tr\u00ean cgroups v\u00e0 release_agent \u0111\u1ec3 tho\u00e1t kh\u1ecfi Docker v\u00e0 chi\u1ebfm quy\u1ec1n root tr\u00ean h\u1ec7 th\u1ed1ng m\u00e1y ch\u1ee7 v\u1eadt l\u00fd.\u200b<\/div>\n<\/li>\n<\/ol>\n<div style=\"text-align: justify\">D\u00f9 b\u00e0i vi\u1ebft kh\u00f4ng cung c\u1ea5p script khai th\u00e1c s\u1eb5n c\u00f3, nh\u01b0ng t\u1ea5t c\u1ea3 k\u1ef9 thu\u1eadt v\u00e0 payload \u0111\u00e3 \u0111\u1ee7 \u0111\u1ec3 c\u00e1c hacker c\u00f3 k\u1ef9 n\u0103ng t\u1ef1 x\u00e2y d\u1ef1ng l\u1ea1i c\u00f4ng c\u1ee5 t\u1ea5n c\u00f4ng.<\/p>\n<p>Cisco \u0111\u00e3 x\u00e1c nh\u1eadn c\u1ea3 hai l\u1ed7 h\u1ed5ng \u0111ang b\u1ecb khai th\u00e1c ngo\u00e0i th\u1ef1c t\u1ebf. Ch\u00fang \u1ea3nh h\u01b0\u1edfng \u0111\u1ebfn c\u00e1c phi\u00ean b\u1ea3n ISE 3.3 v\u00e0 3.4 (c\u1ea3 ISE-PIC). T\u1eeb h\u1ec7 th\u1ed1ng m\u1ea1ng doanh nghi\u1ec7p, t\u1ed5 ch\u1ee9c ch\u00ednh ph\u1ee7 cho \u0111\u1ebfn nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5, t\u1ea5t c\u1ea3 \u0111\u1ec1u c\u00f3 nguy c\u01a1 n\u1ebfu ch\u01b0a c\u1eadp nh\u1eadt.<\/p>\n<p>V\u1edbi l\u1ed7 h\u1ed5ng CVE-2025-20281 trong Cisco ISE, hacker kh\u00f4ng c\u1ea7n ph\u1ea3i g\u1eedi email l\u1eeba \u0111\u1ea3o, kh\u00f4ng c\u1ea7n t\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp, kh\u00f4ng c\u1ea7n t\u01b0\u01a1ng t\u00e1c ng\u01b0\u1eddi d\u00f9ng. \u0110\u00e2y l\u00e0 m\u1ed9t l\u1ed7 h\u1ed5ng tr\u00ean d\u1ecbch v\u1ee5 m\u1ea1ng (network service) m\u00e0 hacker c\u00f3 th\u1ec3 g\u1eedi d\u1eef li\u1ec7u tr\u1ef1c ti\u1ebfp t\u1eeb xa \u0111\u1ebfn h\u1ec7 th\u1ed1ng \u0111ang m\u1edf c\u1ed5ng d\u1ecbch v\u1ee5 ISE.<\/p>\n<p>Khi m\u1ed9t h\u1ec7 th\u1ed1ng Cisco ISE d\u00ednh l\u1ed7 h\u1ed5ng v\u00e0 ch\u01b0a \u0111\u01b0\u1ee3c c\u1eadp nh\u1eadt b\u1ea3n v\u00e1, hacker c\u00f3 th\u1ec3 th\u1ef1c hi\u1ec7n cu\u1ed9c t\u1ea5n c\u00f4ng theo tr\u00ecnh t\u1ef1 nh\u01b0 sau:<\/p>\n<p><b>B\u01b0\u1edbc 1: G\u1eedi d\u1eef li\u1ec7u \u201cb\u1eaby\u201d v\u00e0o h\u1ec7 th\u1ed1ng<\/b>\u200b<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">K\u1ebb t\u1ea5n c\u00f4ng g\u1eedi m\u1ed9t \u0111o\u1ea1n d\u1eef li\u1ec7u \u0111\u1eb7c bi\u1ec7t (g\u1ecdi l\u00e0 payload) \u0111\u1ebfn h\u1ec7 th\u1ed1ng Cisco ISE. D\u1eef li\u1ec7u n\u00e0y \u0111\u01b0\u1ee3c \u201c\u0111\u00f3ng g\u00f3i\u201d theo c\u00e1ch m\u00e0 h\u1ec7 th\u1ed1ng s\u1ebd x\u1eed l\u00fd nh\u1ea7m l\u00e0 h\u1ee3p l\u1ec7.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">T\u01b0\u1edfng l\u00e0 d\u1eef li\u1ec7u h\u1ee3p ph\u00e1p, h\u1ec7 th\u1ed1ng l\u1ea1i t\u1ef1 m\u1edf ra v\u00e0 th\u1ef1c thi (\u0111\u00e2y ch\u00ednh l\u00e0 l\u1ed7i deserialization v\u00e0 injection).\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">\n<b>B\u01b0\u1edbc 2<\/b>: <b>Th\u1ef1c thi l\u1ec7nh \u0111\u1ed9c h\u1ea1i v\u1edbi quy\u1ec1n cao nh\u1ea5t (root)<\/b>\u200b<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">Th\u00f4ng qua \u0111o\u1ea1n d\u1eef li\u1ec7u \u0111\u00f3, hacker ch\u00e8n \u0111\u01b0\u1ee3c c\u00e1c l\u1ec7nh h\u1ec7 th\u1ed1ng v\u00e0o m\u00e1y ch\u1ee7 ch\u1ea1y ISE v\u00e0 c\u00e1c l\u1ec7nh n\u00e0y \u0111\u01b0\u1ee3c ch\u1ea1y v\u1edbi quy\u1ec1n root (t\u1ee9c l\u00e0 quy\u1ec1n cao nh\u1ea5t trong h\u1ec7 th\u1ed1ng)).\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">V\u1edbi quy\u1ec1n root, hacker c\u00f3 th\u1ec3 l\u00e0m m\u1ecdi th\u1ee9, nh\u01b0: C\u00e0i ph\u1ea7n m\u1ec1m, ch\u1ec9nh file h\u1ec7 th\u1ed1ng, th\u00eam t\u00e0i kho\u1ea3n ng\u1ea7m&#8230;\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">\n<b>B\u01b0\u1edbc 3: Tho\u00e1t kh\u1ecfi Docker, x\u00e2m nh\u1eadp s\u00e2u h\u01a1n<\/b><br \/>\nCisco ISE th\u01b0\u1eddng ch\u1ea1y b\u00ean trong m\u1ed9t m\u00f4i tr\u01b0\u1eddng b\u1ea3o v\u1ec7 g\u1ecdi l\u00e0 Docker container. Nh\u01b0ng hacker kh\u00f4ng d\u1eebng l\u1ea1i \u1edf \u0111\u00f3. H\u1ecd s\u1eed d\u1ee5ng m\u1ed9t k\u1ef9 thu\u1eadt n\u00e2ng cao \u0111\u1ec3 tho\u00e1t kh\u1ecfi Docker v\u00e0 ch\u1ea1m t\u1edbi h\u1ec7 th\u1ed1ng ch\u00ednh (host machine) \u0111ang \u0111i\u1ec1u khi\u1ec3n to\u00e0n b\u1ed9 m\u00e1y ch\u1ee7.<\/p>\n<p><b>B\u01b0\u1edbc 4: Chi\u1ebfm quy\u1ec1n v\u00e0 ki\u1ec3m so\u00e1t c\u1ea3 m\u1ea1ng n\u1ed9i b\u1ed9<\/b>\u200b<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">Sau khi tho\u00e1t ra kh\u1ecfi l\u1edbp b\u1ea3o v\u1ec7, hacker c\u00f3 th\u1ec3:\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">C\u00e0i c\u00e1c ph\u1ea7n m\u1ec1m gi\u00e1n \u0111i\u1ec7p ho\u1eb7c m\u00e3 \u0111\u1ed9c theo \u00fd mu\u1ed1n.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">L\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp c\u1ee7a nh\u00e2n vi\u00ean, h\u1ec7 th\u1ed1ng v\u00e0 thi\u1ebft b\u1ecb.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">Theo d\u00f5i ho\u1eb7c ghi l\u1ea1i ho\u1ea1t \u0111\u1ed9ng m\u1ea1ng, gi\u1ea3 m\u1ea1o ng\u01b0\u1eddi d\u00f9ng.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">M\u1edf r\u1ed9ng t\u1ea5n c\u00f4ng sang c\u00e1c h\u1ec7 th\u1ed1ng kh\u00e1c trong c\u00f9ng m\u1ea1ng n\u1ed9i b\u1ed9 (lateral movement).\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">N\u00f3i c\u00e1ch kh\u00e1c, t\u1eeb m\u1ed9t l\u1ed7i nh\u1ecf trong c\u00e1ch x\u1eed l\u00fd d\u1eef li\u1ec7u, hacker c\u00f3 th\u1ec3 &#8220;lu\u1ed3n l\u00e1ch&#8221; v\u00e0o s\u00e2u trong h\u1ec7 th\u1ed1ng, v\u01b0\u1ee3t qua c\u00e1c l\u1edbp b\u1ea3o v\u1ec7 v\u00e0 cu\u1ed1i c\u00f9ng n\u1eafm quy\u1ec1n \u0111i\u1ec1u khi\u1ec3n to\u00e0n b\u1ed9 h\u1ea1 t\u1ea7ng m\u1ea1ng gi\u1ed1ng nh\u01b0 m\u1ed9t qu\u1ea3n tr\u1ecb vi\u00ean th\u1eadt s\u1ef1.<\/p>\n<p>Hi\u1ec7n kh\u00f4ng c\u00f3 c\u00e1ch kh\u1eafc ph\u1ee5c t\u1ea1m th\u1eddi (workaround). Gi\u1ea3i ph\u00e1p duy nh\u1ea5t l\u00e0 c\u1eadp nh\u1eadt l\u00ean c\u00e1c b\u1ea3n v\u00e1 m\u1edbi nh\u1ea5t:\u200b<\/p><\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">ISE 3.3 \u2192 C\u1eadp nh\u1eadt l\u00ean Patch 7\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">ISE 3.4 \u2192 C\u1eadp nh\u1eadt l\u00ean Patch 2\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">Ngo\u00e0i ra, qu\u1ea3n tr\u1ecb vi\u00ean h\u1ec7 th\u1ed1ng n\u00ean:\u200b<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">Ki\u1ec3m tra c\u00e1c truy c\u1eadp b\u1ea5t th\u01b0\u1eddng trong nh\u1eadt k\u00fd h\u1ec7 th\u1ed1ng.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">Gi\u00e1m s\u00e1t ho\u1ea1t \u0111\u1ed9ng c\u1ee7a container Docker v\u00e0 ti\u1ebfn tr\u00ecnh c\u00f3 quy\u1ec1n cao.\u200b<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div style=\"text-align: justify\">H\u1ea1n ch\u1ebf truy c\u1eadp \u0111\u1ebfn ISE t\u1eeb b\u00ean ngo\u00e0i n\u1ebfu kh\u00f4ng th\u1ef1c s\u1ef1 c\u1ea7n thi\u1ebft.\u200b<\/div>\n<\/li>\n<\/ul>\n<div style=\"text-align: justify\">L\u1ed7 h\u1ed5ng CVE-2025-20281 trong Cisco ISE l\u00e0 m\u1ed9t v\u00ed d\u1ee5 \u0111i\u1ec3n h\u00ecnh v\u1ec1 c\u00e1ch hacker c\u00f3 th\u1ec3 khai th\u00e1c c\u00e1c \u0111i\u1ec3m y\u1ebfu trong h\u1ec7 th\u1ed1ng m\u1ea1ng doanh nghi\u1ec7p \u0111\u1ec3 chi\u1ebfm quy\u1ec1n ki\u1ec3m so\u00e1t ho\u00e0n to\u00e0n. Vi\u1ec7c m\u1ed9t nh\u00e0 nghi\u00ean c\u1ee9u c\u00f4ng khai chi ti\u1ebft k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng c\u00e0ng khi\u1ebfn nguy c\u01a1 b\u1ecb khai th\u00e1c lan r\u1ed9ng.<\/p>\n<p>\u0110\u1eebng \u0111\u1ee3i \u0111\u1ebfn khi s\u1ef1 c\u1ed1 x\u1ea3y ra. H\u00e3y ki\u1ec3m tra h\u1ec7 th\u1ed1ng Cisco ISE c\u1ee7a b\u1ea1n ngay v\u00e0 \u00e1p d\u1ee5ng b\u1ea3n v\u00e1 c\u00e0ng s\u1edbm c\u00e0ng t\u1ed1t. Trong th\u1ebf gi\u1edbi m\u1ea1ng, ch\u1eadm m\u1ed9t nh\u1ecbp l\u00e0 sec ph\u1ea3i tr\u1ea3 gi\u00e1 b\u1eb1ng to\u00e0n b\u1ed9 h\u1ec7 th\u1ed1ng.\u200b<\/p><\/div>\n<div style=\"text-align: right\"><b><i>Theo Bleeping Computer<\/i><\/b>\u200b<\/div>\n<div style=\"text-align: right;margin-top: 16px\"><i>Theo: <a href=\"https:\/\/whitehat.vn\/threads\/canh-bao-lo-hong-trong-cisco-ise-cho-phep-hacker-chiem-quyen-he-thong-tu-xa.18609\/\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/whitehat.vn\/threads\/canh-bao-lo-hong-trong-cisco-ise-cho-phep-hacker-chiem-quyen-he-thong-tu-xa.18609\/<\/a><\/i><\/div>\n","protected":false},"excerpt":{"rendered":"<p>C\u00e1c chuy\u00ean gia nghi\u00ean c\u1ee9u v\u1ec1 b\u1ea3o m\u1eadt v\u1eeba c\u00f4ng b\u1ed1 chi ti\u1ebft k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng chi\u1ebfm quy\u1ec1n \u0111i\u1ec1u khi\u1ec3n h\u1ec7 th\u1ed1ng Cisco ISE th\u00f4ng qua l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt CVE-2025-20281, m\u1ed9t l\u1ed7i nghi\u00eam tr\u1ecdng cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng t\u1eeb xa th\u1ef1c thi l\u1ec7nh v\u1edbi quy\u1ec1n root. \u200b \u200b L\u1ed7 h\u1ed5ng CVE-2025-20281 n\u1eb1m [&hellip;]<\/p>\n","protected":false},"author":46,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-10419","post","type-post","status-publish","format-standard","hentry","category-tin-tuc-cua-vien"],"_links":{"self":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10419","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/users\/46"}],"replies":[{"embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/comments?post=10419"}],"version-history":[{"count":0,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/posts\/10419\/revisions"}],"wp:attachment":[{"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/media?parent=10419"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/categories?post=10419"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/infosec.new88088.net\/wp-json\/wp\/v2\/tags?post=10419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}