CISA Warns Agencies to Patch Cisco Firewalls - Active Exploitation

CISA Warns of Unpatched Cisco Firewalls Facing Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding insufficient patching of systems within federal government departments.
This lack of timely updates leaves these departments vulnerable to an ongoing hacking campaign specifically targeting Cisco firewalls.
Details of the Active Hacking Campaign
An updated advisory released by CISA on Wednesday details the current “active exploitation” of two distinct security vulnerabilities present in Cisco’s Adaptive Security Appliance (ASA) software.
This software is integral to a variety of enterprise-level firewalls, utilized by both large corporations and government entities to safeguard their networks against external malicious activity.
Threat Actor and Emergency Directive
The identified vulnerabilities have been actively exploited by a sophisticated threat actor since September.
Consequently, CISA has issued its third emergency directive this year, compelling agencies to immediately patch all systems affected by these flaws.
Vulnerability Remains Despite Patching Efforts
Despite reports from some federal agencies indicating successful patching, CISA has determined that certain agencies remain “still vulnerable” to the threats outlined in the directive.
The agency refrained from disclosing which specific government departments have experienced compromises.
Urgent Call to Action
CISA strongly urges all agencies operating affected Cisco devices to update to the most recent patch version to prevent potential exploitation.
Recent Breach at the Congressional Budget Office
Last week, the Congressional Budget Office (CBO) confirmed a security breach.
Suspected foreign hackers successfully stole emails and chat logs exchanged between lawmakers’ offices and the CBO’s research staff.
CBO Hack Linked to Unpatched Firewall
While the CBO has not publicly detailed the entry point for the attackers, security researcher Kevin Beaumont discovered that the agency operated an affected Cisco firewall that hadn’t been patched before the U.S. government shutdown on October 1.
The compromised Cisco router was taken offline by the CBO shortly before the disclosure of the breach.