CISA Issues Emergency Directive for Vulnerabilities Affecting Cisco Devices
A new emergency directive from CISA outlines mandated action to protect against zero-day vulnerabilities targeting Cisco devices.
“CISA is aware of an ongoing exploitation campaign by an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA). The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution on ASAs, as well as manipulating read-only memory (ROM) to persist through reboot and system upgrade,” the directive states.
The following vulnerabilities pose an “unacceptable risk” to federal information systems and must be addressed immediately:
- CVE-2025-20333 – Allows for remote code execution
- CVE-2025-20362 – Allows for privilege escalation
Required steps – as detailed in the directive – include:
- Accounting for all Cisco ASA and Firepower devices
- Collecting forensics and assessing compromise via CISA-provided procedures and tools
- Disconnecting end-of-support devices
- Upgrading devices to remain in use
Read more at CISA.
Related content
- Vulnerabilities Found in Cisco Routers
- Remote Code Execution Vulnerability Found in Cisco
- Bleedingbit: Two New Bluetooth Vulnerabilities
-
News for Admins
Meltdown and Spectre revisit Intel, AMD, and ARM processors, Orangeworm, a new hacking group, targets the healthcare industry, Docker EE 2.0 announced, Remote code execution vulnerability found in Cisco -
Ransomware: Prepare for emergencies
The danger of ransomware attacks calls for a robust backup and monitoring strategy.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
