Ethical Hacking News
CISA Urges Federal Agencies to Prioritize Cisco Patching Amid Ongoing Zero-Day Attacks
CISA has issued an urgent warning to federal agencies, advising them to prioritize patching two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. These security flaws allow remote threat actors to access restricted URL endpoints without authentication and gain code execution on vulnerable Cisco firewall devices, respectively. Read the full article to learn more about this critical cybersecurity issue.
CISA warns federal agencies to prioritize patching two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.The vulnerabilities, tracked as CVE-2025-20362 and CVE-2025-20333, allow remote access and code execution on vulnerable Cisco firewall devices.Ongoing attacks target unpatched Cisco firewalls, with some federal agencies failing to correctly patch vulnerable devices.CISA has released new guidance to help federal agencies secure their networks against attacks chaining the two vulnerabilities.The agency reminds agencies to apply the latest patch to all ASA and Firepower devices on their networks immediately.
CISA, the United States government's cybersecurity agency, has issued an urgent warning to federal agencies, advising them to prioritize patching two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. These security flaws, tracked as CVE-2025-20362 and CVE-2025-20333, allow remote threat actors to access restricted URL endpoints without authentication and gain code execution on vulnerable Cisco firewall devices, respectively.
The warnings come as a result of ongoing attacks targeting unpatched Cisco firewalls on networks belonging to Federal Civilian Executive Branch (FCEB) agencies. According to CISA, some federal agencies have failed to correctly patch vulnerable devices, leaving them exposed to attacks. The agency has identified devices marked as 'patched' in the reporting template but which were updated to a version of the software that is still vulnerable to the threat activity outlined in the Emergency Directive (ED).
In September, Cisco patched these two flaws, cautioning customers that they had been exploited as zero-days in attacks targeting 5500-X Series devices with VPN web services enabled. The company also linked these attacks to the ArcaneDoor campaign, which has exploited two other zero-day bugs (CVE-2024-20353 and CVE-2024-20359) to breach government networks since November 2023.
The same day that CISA issued its warning, the agency ordered U.S. federal agencies to secure their Cisco firewall devices within 24 hours against active exploitation of CVE-2025-20362 and CVE-2025-20333. Internet monitoring platform Shadowserver currently tracks over 30,000 Cisco devices vulnerable to these attacks, down from more than 45,000 when it first began tracking the two vulnerabilities in early October.
To address this issue, CISA has released new guidance to help federal agencies secure their network against attacks chaining the CVE-2025-20362 and CVE-2025-20333 flaws. The agency reminded that Emergency Directive 25-03 requires agencies to apply the latest patch to all ASA and Firepower devices on their networks immediately, not just Internet-exposed devices, to block incoming attacks and mitigate breach risks.
Furthermore, CISA has also ordered U.S. federal agencies to patch Samsung devices against a critical vulnerability used in zero-day attacks to deploy LandFall spyware on devices running WhatsApp and secure WatchGuard Firebox firewalls against an actively exploited remote code execution vulnerability.
The ongoing zero-day attacks targeting Cisco firewalls highlight the urgent need for government agencies to prioritize patching and cybersecurity measures. As CISA warned, failing to address these vulnerabilities can lead to significant security risks and potential breaches of sensitive information.
Related Information:
https://www.ethicalhackingnews.com/articles/CISA-Urges-Federal-Agencies-to-Prioritize-Cisco-Patching-Amid-Ongoing-Zero-Day-Attacks-ehn.shtml
https://www.bleepingcomputer.com/news/security/cisa-warns-feds-to-fully-patch-actively-exploited-cisco-flaws/
https://nvd.nist.gov/vuln/detail/CVE-2025-20362
https://www.cvedetails.com/cve/CVE-2025-20362/
https://nvd.nist.gov/vuln/detail/CVE-2025-20333
https://www.cvedetails.com/cve/CVE-2025-20333/
https://nvd.nist.gov/vuln/detail/CVE-2024-20353
https://www.cvedetails.com/cve/CVE-2024-20353/
https://nvd.nist.gov/vuln/detail/CVE-2024-20359
https://www.cvedetails.com/cve/CVE-2024-20359/
Published: Thu Nov 13 06:16:23 2025 by llama3.2 3B Q4_K_M
