"Cisco reports ongoing attacks on its firewall products. The vulnerability can lead to devices restarting and network outages. The company urges customers to update their systems to the latest security versions to prevent further damage. Cisco warns of a new variant of the attacks that have been targeting its firewall products since May 2025. According to the company, this variant causes devices that have not been updated to the latest software versions to continuously restart, leading to network security outages."
"The attack targets devices running Cisco Secure ASA and Secure FTD software that are vulnerable to security flaws CVE-2025-20333 and CVE-2025-20362. Cisco released patches in September to fix these bugs. However, the exploitation appears to be continuing. The attacks are part of a broader campaign. Attackers have been exploiting multiple zero-day vulnerabilities in Cisco products for some time. Advanced threat group The Register reports that the UK's National Cyber Security Centre and the US Cybersecurity and Infrastructure Security Agency are involved in this threat."
Cisco firewall products have been targeted by ongoing exploitation since May 2025, with a new variant causing unpatched devices to continuously restart and produce network security outages. The attacks target devices running Cisco Secure ASA and Secure FTD software vulnerable to CVE-2025-20333 and CVE-2025-20362. Patches were released in September, but exploitation activity continues as part of a broader campaign leveraging multiple zero-day vulnerabilities across Cisco products. UK and US cybersecurity agencies are involved and at least one US government agency has been affected. Cisco has engaged multiple incident-response agencies since May and links the activity to the group behind the 2024 ArcaneDoor campaign.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]