By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Tech News

Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

By Viral Trending Content 3 Min Read
Share
SHARE

Sep 25, 2025Ravie LakshmananZero-Day / Vulnerability

Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild.

The zero-day vulnerabilities in question are listed below –

  • CVE-2025-20333 (CVSS score: 9.9) – An improper validation of user-supplied input in HTTP(S) requests vulnerability that could allow an authenticated, remote attacker with valid VPN user credentials to execute arbitrary code as root on an affected device by sending crafted HTTP requests
  • CVE-2025-20362 (CVSS score: 6.5) – An improper validation of user-supplied input in HTTP(S) requests vulnerability that could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication by sending crafted HTTP requests

Cisco said it’s aware of “attempted exploitation” of both vulnerabilities, but did not reveal who may be behind it, or how widespread the attacks are. It’s suspected that the two vulnerabilities are being chained to bypass authentication and execute malicious code on susceptible appliances.

DFIR Retainer Services

It also credited the Australian Signals Directorate, Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security, U.K. National Cyber Security Centre (NCSC), and U.S. Cybersecurity and Infrastructure Security Agency (CISA) for supporting the investigation.

CISA Issues Emergency Directive ED 25-03

In a separate alert, CISA said it’s issuing an emergency directive urging federal agencies to identify, analyze, and mitigate potential compromises with immediate effect. In addition, both vulnerabilities have been added to the Known Exploited Vulnerabilities (KEV) catalog, giving the agencies 24 hours to apply the necessary mitigations.

“CISA is aware of an ongoing exploitation campaign by an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA),” the agency noted.

“The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution on ASAs, as well as manipulating read-only memory (ROM) to persist through reboot and system upgrade. This activity presents a significant risk to victim networks.”

The agency also noted that the activity is linked to a threat cluster dubbed ArcaneDoor, which was previously identified as targeting perimeter network devices from several vendors, including Cisco, to deliver malware families like Line Runner and Line Dancer. The activity was attributed to a threat actor dubbed UAT4356 (aka Storm-1849).

“This threat actor has demonstrated a capability to successfully modify ASA ROM at least as early as 2024,” CISA added. “These zero-day vulnerabilities in the Cisco ASA platform are also present in specific versions of Cisco Firepower. Firepower appliances’ Secure Boot would detect the identified manipulation of the ROM.”

You Might Also Like

Levoit Aero Cordless Vacuum Review: Self-Emptying Base

Claude Haiku 4.5 Review: Features, Performance & Real-World Costs

Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack

Girls in Single-Sex Schools Face Major STEM Access Gap

The ‘Surge’ of Troops May Not Come to San Francisco, but the City Is Ready Anyway

TAGGED: CISA, Cisco, Cyber Security, Cybersecurity, Internet, Malware, network security, Remote Code Execution, Vulnerability, Zero-Day
Share This Article
Facebook Twitter Copy Link
Previous Article Hades 2 Reveals Every New Change As The Action Roguelike Finally Leaves Early Access
Next Article Set to go up 57%? Here are the latest share price forecasts for AstraZeneca
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Ripple CTO Schwartz Revisits NSA Past And Satoshi Speculation
Crypto
Levoit Aero Cordless Vacuum Review: Self-Emptying Base
Tech News
Eurozone private sector logs strongest growth in over two years
Business
Job growth: Which European regions are rising fastest?
World News
Shock at $100,000 fee to contest Guinea elections to replace junta
World News
Discussions begin in La Alma Lincoln Park on Broncos’ proposed Burnham Yard stadium
Business
JPMorgan Chase to start accepting Bitcoin, Ethereum as loan collateral: report
Crypto

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Ripple CTO Schwartz Revisits NSA Past And Satoshi Speculation

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Ripple CTO Schwartz Revisits NSA Past And Satoshi Speculation
October 24, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?