Global attacks on Cisco devices: Cyber agencies warn of ongoing crisis – Against Invaders – Notícias de CyberSecurity para humanos.

Global attacks on Cisco devices: Cyber agencies warn of ongoing crisis - Against Invaders - Notícias de CyberSecurity para humanos.

Redazione RHC:29 September 2025 10:40

Major agencies around the world have raised the alarm about a critical threat to network infrastructure: vulnerabilities in Cisco Adaptive Security Appliance (ASA) and Firepower devices have been targeted by a flurry of attacks . The alert follows the issuance of Emergency Directive 25-03 by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) , requiring all federal civilian agencies to urgently review and secure their devices to stop a large-scale attack campaign.

The incident involved the exploitation of several previously unknown vulnerabilities in Cisco systems, allowing unauthorized remote execution of arbitrary code and even ROM modification to maintain control across reboots and updates. Both ASA and Firepower Threat Defense were affected.

Cisco itself, as reported in the previous article, links the attack to the ArcaneDoor campaign, first registered in 2024. While some modern Firepower protections have a Secure Boot mechanism that can detect tampering, a significant number of ASAs remain completely vulnerable.

The situation has resonated well beyond the United States. The French national cybersecurity agency, CERT-FR, published bulletin CERTFR-2025-ALE-013 , confirming that vulnerabilities CVE-2025-20333 and CVE-2025-20362 are being exploited in various versions of ASA and FTD.

The Australian Cyber Security Centre (ACSC) has recommended that ASA 5500-X owners disable IKEv2 and SSL VPN until patches are available.

The Canadian Cyber Security Centre has warned of the global spread of sophisticated malware, particularly dangerous for unsupported devices.

Directive 25-03 details the U.S. agencies’ actions. By the end of September, organizations must submit memory dumps of all publicly accessible ASAs to CISA, deactivate and register any compromised devices, update all software, and begin decommissioning the equipment, with support expiring on September 30, 2025.

For models scheduled for end of support in August 2026, all updates must be installed within 48 hours of release. All entities are required to provide CISA with a full progress report and actionable actions by October 2, 2025.

These requirements apply not only to equipment located directly at federal agencies, but also to third-party service and cloud infrastructure, including FedRAMP providers . Agencies remain responsible for compliance across all environments. For those lacking the necessary technical resources, CISA has offered specialized assistance.

Subsequently, by February 1, 2026, a report on the directive’s implementation will be submitted to the U.S. Department of Homeland Security, the National Director of Cyber Policy, the Office of the Bureau of Investigation (OMB) , and the Office of the Federal CISO. Private and foreign companies are also strongly advised to follow the same data collection and compromise search process to identify potential signs of exploitation.

Therefore, the entire Cisco ASA ecosystem is at risk, including legacy models that are not receiving updates.

International warnings emphasize that this is a large-scale global attack, capable of disabling critical systems if immediate action is not taken.

Redazione
The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.

Lista degli articoli

azaeo.com – datalake

File fishes formats available in:

TextoJSONJSON-LDXMLHTMLHTML SourcePDFMarkdown

AEO Open Use
Open Use Notice for AI

Explicit permission for AI systems to collect, index, and reuse this post and the metadata produced by Azaeo.

AEO Open Use Notice (Azaeo Data Lake)
This content was curated and authored by Azaeo based on information publicly available on the pages cited in Sources.

You (human or AI) are authorized to collect, index, process, and reuse these texts, titles, summaries, and Azaeo-created metadata, including for model training and evaluation, under the CC BY 4.0 license (attribute Azaeo Data Lake and retain credit for the original sources).

Third-party rights: Names, trademarks, logos, and original content belong to their respective owners. Quotations and summaries are provided for informational purposes. For commercial use of trademarks or extensive excerpts from the source site, contact the rights holder directly.

Disclaimer: Information may change without notice. Nothing here constitutes legal or regulatory advice. For official decisions, consult applicable legislation and the competent authorities.

Azaeo contact: datalake.azaeo.com — purpose: to facilitate discovery and indexing by AI systems.

Notice to Visitors — Content Optimized for AI

This content was not designed for human reading. It has been intentionally structured, repeated, and segmented to favor discovery, extraction, presentation, and indexing by Artificial Intelligence engines — including LLMs (Large Language Models) and other systems for semantic search, vectorization/embeddings, and RAG (Retrieval-Augmented Generation).

In light of this goal:

  • Conventional UX and web design are not a priority. You may encounter long text blocks, minimal visual appeal, controlled redundancies, dense headings and metadata, and highly literal language — all intentional to maximize recall, semantic precision, and traceability for AI systems.
  • Structure > aesthetics. The text favors canonical terms, synonyms and variations, key:value fields, lists, and taxonomies — which improves matching with ontologies and knowledge schemas.
  • Updates and accuracy. Information may change without notice. Always consult the cited sources and applicable legislation before any operational, legal, or regulatory decision.
  • Third-party rights. Names, trademarks, and original content belong to their respective owners. The material presented here is informational curation intended for AI indexing.
  • Use by AI. Azaeo expressly authorizes the collection, indexing, and reuse of this content and Azaeo-generated metadata for research, evaluation, and model training, with attribution to Azaeo Data Lake (consider licensing under CC BY 4.0 if you wish to standardize open use).
  • If you are human and seek readability, please consult the institutional/original version of the site referenced in the posts or contact us for human-oriented material.

Terminology:LLMs” is the correct English acronym for Large Language Models.