Tag: cisco
-
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-timeline-investigation/
-
Cisco Adaptive Security Appliance wird über 0-day angegriffen
Die US Cybersicherheitsbehörde CISA hat eine dringende Warnung an US-Behörden herausgegeben. Cisco ASA (Adaptive Security Appliance) wird über 0-day-Schwachstellen in den Webservices aktiv angegriffen. US-Behörden müssen sofort auf die Schwachstellen reagieren und Gegenmaßnahmen ergreifen. Die Warnung der CISA findet sich … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/26/cisco-adaptive-security-appliance-wird-ueber-0-day-angegriffen/
-
Patch now: Attacker finds another zero day in Cisco firewall software
Tags: access, attack, best-practice, cisa, cisco, cve, cyber, defense, detection, exploit, firewall, firmware, Hardware, incident response, malware, monitoring, network, resilience, risk, router, software, technology, threat, tool, update, vpn, vulnerability, zero-day, zero-trustroot, which may lead to the complete compromise of the device.Affected are devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) software, Cisco Secure Firewall Threat Defense (FTD) software, as well as devices running Cisco IOS, IOS XE and IOS XR software. There are two attack scenarios:an unauthenticated, remote attacker getting into devices running Cisco…
-
SentinelOne Hires Industry Vet Ana Pinczuk As New President Of Technology
SentinelOne announced Thursday it has hired Ana Pinczuk, a veteran executive at tech giants including Cisco and Hewlett Packard Enterprise, as its new president of product and technology. First seen on crn.com Jump to article: www.crn.com/news/security/2025/sentinelone-hires-industry-vet-ana-pinczuk-as-new-president-of-technology
-
Cisco’s Wave of Actively Exploited Zero-Day Bugs Targets Firewalls, IOS
Patch now: Cisco recently disclosed four actively exploited zero-days affecting millions of devices, including three targeted by a nation-state actor previously discovered to be behind the ArcaneDoor campaign. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cisco-actively-exploited-zero-day-bugs-firewalls-ios
-
Feds Isolate Cisco Firewalls to Defend Against ‘Arcane Door’
CISA Issues Emergency Directive After Cisco Exploits Persist After Reboot. CISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear – malware that survives system reboots and upgrades – forcing agencies to disconnect vulnerable devices by Friday. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/feds-isolate-cisco-firewalls-to-defend-against-arcane-door-a-29568
-
Critical Cisco IOS/IOS XE Vulnerability Could Expose Networks
Cisco TACACS+ vulnerability threatens sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-cisco-ios-ios-xe-vulnerability-could-expose-networks/
-
‘Emergency’ Response Needed Amid Cisco Firewall Attacks
Tags: attack, cisa, cisco, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability, zero-dayCyberattacks that have exploited two zero-day Cisco firewall vulnerabilities prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue an “emergency directive” Thursday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-emergency-response-needed-amid-cisco-firewall-attacks
-
CISA alerts federal agencies of widespread attacks using Cisco zero-days
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-cisco-zero-days/
-
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities (KEV) catalog. CISA urges Federal Agencies to identify and mitigate potential compromise…
-
Cisco admins urged to patch IOS, IOS XE devices
allow a low privileged authenticated attacker who sends a crafted SNMP packet to an affected device to cause the system to reload, resulting in a denial of service (DoS) condition.allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. First seen on networkworld.com Jump to article: www.networkworld.com/article/4063425/cisco-admins-urged-to-patch-ios-ios-xe-devices.html
-
Federal agencies given one day to patch exploited Cisco firewall bugs
Vulnerabilities in some models of Cisco’s Adaptive Security Appliances (ASA) have been exploited by “an advanced threat actor,” according to a warning from CISA. First seen on therecord.media Jump to article: therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning
-
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild.The zero-day vulnerabilities in question are listed below -CVE-2025-20333 (CVSS score: 9.9) – An improper validation…
-
CISA orders feds to patch Cisco flaws used to hack multiple agencies
One U.S. official called the ongoing cyberattack campaign hitting federal agencies and businesses “very sophisticated.” First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/
-
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-cisco-flaws-exploited-in-zero-day-attacks/
-
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-asa-firewall-zero-days-exploited-in-attacks/
-
As many as 2 million Cisco devices affected by actively exploited 0-day
Search shows 2 million vulnerable Cisco SNMP interfaces exposed to the Internet. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/09/as-many-as-2-million-cisco-devices-affected-by-actively-exploited-0-day/
-
Evolved PXA Stealer wraps PureRAT in multi-layer obfuscation
Telegram and the Vietnamese infrastructure led to attribution: Metadata within exfiltrated ZIP archives pointed to @LoneNone, a Telegram handle previously associated with PXA Stealer. That same alias had appeared in earlier Cisco and SentinelOne reporting, and Validin also tied PureRAT infrastructure to Vietnamese actors, researchers noted.James Northey, SOC analyst and lead author of the report,…
-
Cisco uncovers new SNMP vulnerability used in attacks on IOS devices
Cisco Systems has issued security updates to address a critical vulnerability in its widely deployed IOS and IOS XE network operating systems, after confirming the flaw is being exploited in active attacks. Designated CVE-2025-20352, the vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco’s core network software. According to Cisco, the weakness…
-
As many as 2 million Cisco devices affected by actively exploited 0-day
Search shows 2 million vulnerable Cisco SNMP interfaces exposed to the Internet. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/09/as-many-as-2-million-cisco-devices-affected-by-actively-exploited-0-day/
-
Cisco Confirms Critical CVE-2025-20352 Zero-Day RCE Vulnerability Under Active Exploitation
Tags: attack, cisco, cve, exploit, flaw, incident response, rce, remote-code-execution, security-incident, software, vulnerability, zero-dayCisco has publicly disclosed a critical remote code execution (RCE) vulnerability, tracked as CVE-2025-20352, affecting its widely deployed Cisco IOS and IOS XE software platforms. According to Cisco’s Product Security Incident Response Team (PSIRT), the flaw is being actively exploited in the wild, with confirmed attacks leveraging compromised administrator credentials. First seen on thecyberexpress.com Jump…
-
Zero-day deja vu as another Cisco IOS bug comes under attack
The latest in a run of serious networking bugs gives attackers root if they have SNMP access First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/zeroday_deja_vu_another_cisco/
-
Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)
Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/cisco-ios-xe-cve-2025-20352/
-
Cisco IOS/XE Schwachstelle CVE-2025-20352
Cisco hat zum 24. September 2025 eine Sicherheitswarnung veröffentlicht, die sich auf Cisco IOS und IOS XE bezieht. Im Simple Network Management Protocol (SNMP) Subsystem der genannten Produkte gibt es eine Denial of Service and Remote Code Execution Schwachstelle CVE-2025-20352, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/25/cisco-ios-xe-schwachstelle-cve-2025-20352/
-
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software
Cisco addressed a high-severity zero-day in Cisco IOS and IOS XE Software that is being actively exploited in attacks in the wild. Cisco fixed an actively exploited zero-day, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. The high-severity vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and…
-
Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software
Tags: cisco, credentials, cve, dos, exploit, flaw, rce, remote-code-execution, service, software, vulnerabilityCisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances.The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it “after…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…
-
Cisco IOS 0-Day RCE Vulnerability Actively Targeted
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) subsystem and allows both denial-of-service attacks and remote code execution depending on the attacker’s privilege level. Critical SNMP Stack…