CISA Warns Agencies to Patch Cisco Firewalls - Active Exploitation

CISA Warns of Unpatched Cisco Firewalls Facing Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding insufficient patching of systems within federal government departments.
This lack of timely updates leaves these departments vulnerable to an ongoing hacking campaign specifically targeting Cisco firewalls.
Details of the Active Hacking Campaign
An updated advisory released by CISA on Wednesday details the current “active exploitation” of two distinct security vulnerabilities present in Cisco’s Adaptive Security Appliance (ASA) software.
This software is integral to a variety of enterprise-level firewalls, utilized by both large corporations and government entities to safeguard their networks against external malicious activity.
Threat Actor and Emergency Directive
The identified vulnerabilities have been actively exploited by a sophisticated threat actor since September.
Consequently, CISA has issued its third emergency directive this year, compelling agencies to immediately patch all systems affected by these flaws.
Vulnerability Remains Despite Patching Efforts
Despite reports from some federal agencies indicating successful patching, CISA has determined that certain agencies remain “still vulnerable” to the threats outlined in the directive.
The agency refrained from disclosing which specific government departments have experienced compromises.
Urgent Call to Action
CISA strongly urges all agencies operating affected Cisco devices to update to the most recent patch version to prevent potential exploitation.
Recent Breach at the Congressional Budget Office
Last week, the Congressional Budget Office (CBO) confirmed a security breach.
Suspected foreign hackers successfully stole emails and chat logs exchanged between lawmakers’ offices and the CBO’s research staff.
CBO Hack Linked to Unpatched Firewall
While the CBO has not publicly detailed the entry point for the attackers, security researcher Kevin Beaumont discovered that the agency operated an affected Cisco firewall that hadn’t been patched before the U.S. government shutdown on October 1.
The compromised Cisco router was taken offline by the CBO shortly before the disclosure of the breach.