CISA: Implementation Guidance for Emergency Directive on Cisco ASA and Firepower Device Vulnerabilities


CISA has released Emergency Cisco Directive 25-03 Implementation Guidance to assist federal agencies in addressing critical vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.

Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices, issued on Sept. 25, identified known vulnerabilities CVE-2025-20333 and CVE-2025-20362, and mandated immediate action to mitigate risks. Threat actors continue to target these devices, posing significant risk to all organizations. The implementation guidance provides information on the minimum software versions that address these vulnerabilities and direct federal agencies to conduct corrective patching measures on devices that are not compliant with these requirements.

Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Georgia: Columbus hit by data breach, officials say not considered ransomware incident

    July 29, 2024

    Columbus experienced a data breach last Wednesday, the same day as an internet outage, city officials say. The only information believed to have been accessed are employees’ names, work emails and passwords, according to Mike Richardson, the city’s director of security and risk. He said no employee’s personal financial information was compromised. All employee passwords were ...

  • Northern Ireland: Man arrested in connection with PSNI data breach

    July 29, 2024

    Detectives investigating criminality linked to the PSNI data breach have arrested a 54-year-old man. Data relating to all 9,483 PSNI officers and staff was mistakenly included in a spreadsheet published online last August in response to a freedom of information request. The list included the surname and first initial of every employee, their rank or grade, ...

  • Investigators probe suspected sabotage of French fiber optic network

    July 28, 2024

    The disruptions occurred early Wednesday, hitting several — but not all — internet operators. Authorities suggested the damage to the cables was intentional. The prosecutor’s office opened a preliminary investigation on charges of “damaging goods of a nature of harming the fundamental interests of the nation,” as well as “obstruction of an automatic data processing system” ...

  • CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

    July 26, 2024

    Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). SSRF occurs when the server can be induced to perform arbitrary requests on behalf of an attacker. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web ...

  • Guernsey: Warning after spike in cyber-attacks

    July 25, 2024

    Authorities have warned organisations to take extra measures to protect their IT systems after a spike in cyber-attacks in Guernsey. The Office of the Data Protection Authority (ODPA) said some Microsoft 365 systems had been compromised by phishing attacks, where someone is tricked into giving out information over email. It warned criminals were becoming increasingly adept ...

  • Onyx Sleet uses array of malware to gather intelligence for North Korea

    July 25, 2024

    On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. Microsoft will continue to closely monitor Onyx Sleet’s activity to assess ...