Cisco Warns: Replace Aging ASA Devices to Avoid State-Sponsored Attacks
Cisco has issued a stark warning to customers, urging them to replace aging devices and update vulnerable ones. This comes in light of recent attacks targeting government organizations worldwide, exploiting zero-day vulnerabilities in Cisco ASA 5500-X Series devices. The tactics and malware used bear the hallmarks of a known state-sponsored threat actor.
The tech giant revealed that around 48,000 vulnerable Cisco ASA/FTD appliances remain connected to the internet. These devices, deployed by both government bodies and private sector companies, are high-value targets for cybercriminals. While specific targets in the USA are unknown, the widespread use of these devices makes them a significant risk.
Greynoise detected scanning surges against Cisco ASA devices in late August, hinting at potential preparatory activities by attackers. Cisco and cybersecurity agencies have been warning about the active exploitation of zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) for months. Organizations are advised to check their Cisco ASA/FTD instances for vulnerabilities and seek help if needed. Affected entities should report any evidence of compromise to their respective cybersecurity agencies.
With the end-of-support date for Cisco ASA 5500-X Series devices approaching in 2026, organizations are urged to replace or update these devices promptly. The recent attacks serve as a stark reminder of the risks posed by out-of-date technology and the importance of vigilance in cybersecurity.
Read also:
- Trump announces Chinese leader's confirmation of TikTok agreement
- SpaceX & T-Mobile Activate Starlink for Hurricane Helene Connectivity
- Hackers Utilize GOLD SALEM to Infiltrate Networks and Evade Security Measures, Deploying Warlock Ransomware
- Strengthening Resistance Against Combined Risks in an Age Characterized by Authoritarian Technology
