By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Tech News

Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws

By admin 3 Min Read
Share
SHARE

Roughly 50,000 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers.

The flaws, tracked as CVE-2025-20333 and CVE-2025-20362, enable arbitrary code execution and access to restricted URL endpoints associated with VPN access. Both security issues can be exploited remotely without authentication.

On September 25, Cisco warned that the issues were actively exploited in attacks that started before patches were available to customers.

No workarounds exist for either flaw, but temporary hardening steps could include restricting VPN web interface exposure and increasing logging and monitoring for suspicious VPN logins and crafted HTTP requests.

Today, threat monitoring service The Shadowserver Foundation reports that its scans discoveredmore than 48,800 internet-exposed ASA and FTD instances that are still vulnerable to CVE-2025-20333 and CVE-2025-20362.

Most of the IPs are located in the United States (more than 19,200 endpoints), followed by the United Kingdom (2,800), Japan (2,300), Germany (2,200), Russia (2,100), Canada (1,500), and Denmark (1,200).

Global exposure of unpatched Cisco ASA/FTD devices
<strong>Global exposure of unpatched Cisco ASA/FTD devices</strong><br /><em>Source: The Shadowserver Foundation</em>

These figures are as of yesterday, September 29, indicating a lack of appropriate response to the ongoing exploitation activity, as well as previous warnings.

Notably, Greynoise had warned on September 4 about suspicious scans that occurred as early as late August, targeting Cisco ASA devices. In 80% of the cases, these scans are an indication of upcoming undocumented flaws in the targeted products.

The risks associated with the two vulnerabilities are so severe that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive that gave 24 hours to all Federal Civilian Executive Branch (FCEB) agencies to identify any compromised Cisco ASA and FTD instances on the network and upgrade those that would remain in service.

CISA also advised that ASA devices reaching their end of support (EoS) should be disconnected from federal organization networks by today (the end of the month).

A report from the U.K.’s National Cyber Security Centre (NCSC) shed more light on the attacks, noting that the hackers deployed a shellcode loader malware named ‘Line Viper,’ followed by a GRUB bootkit named ‘RayInitiator.’

Given that active exploitation has been underway for more than a week, administrators of potentially impacted systems are urged to apply Cisco’s recommendations for CVE-2025-20333 and CVE-2025-20362 [1, 2] as soon as possible.

Picus BAS Summit

Join the Breach and Attack Simulation Summit and experience the future of security validation. Hear from top experts and see how AI-powered BAS is transforming breach and attack simulation.

Don’t miss the event that will shape the future of your security strategy

You Might Also Like

8 Ireland-based women in cybersecurity you should know about

How Gemini CLI 0.9 Enhances Productivity for Developers

Android 16 Security Measures: Identity Check and Advanced Protection

White House Staffers Couldn’t Care Less About the East Wing Demolition

CISA warns of Lanscope Endpoint Manager flaw exploited in attacks

TAGGED: Actively Exploited, Cisco, Cisco ASA, Cisco FTD, RCE, Remote Code Execution, Vulnerability
Share This Article
Facebook Twitter Copy Link
Previous Article Carra on Liverpool: I'm not watching a top team, it's a mess
Next Article Meet Claude Sonnet 4.5 : The AI That Never Loses Sight of the Goal
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Heisman Hopeful vs. Hollywood Revival: Indiana, UCLA Set for Big Noon Showdown
Sports
Kourtney Kardashian & Travis Barker’s Kids: Photos of the Couple & Their Blended Family
Celebrity
Ghost of Yōtei Devs Explain How They Made Its Vast, Reactive World Run Fast on PS5
Gaming News
Can You Visit the National Parks During the 2025 Shutdown?
Travel
One Nation, One Workforce: Govt plans integrated system to ensure social-security portability for all workers
Business
Kraken revenue jumps 114% in Q3 amid expansion and IPO plans
Crypto
How on earth has the ITV share price fallen by 75%?
Business

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Heisman Hopeful vs. Hollywood Revival: Indiana, UCLA Set for Big Noon Showdown

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Heisman Hopeful vs. Hollywood Revival: Indiana, UCLA Set for Big Noon Showdown
October 24, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?