Security researchers have identified two critical vulnerabilities in Cisco Identity Services Engine allowing unauthenticated remote code execution as root; Cisco released patches after attempted exploitation was observed in the wild.