DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home Tech News

Old Vulnerabilities In Cisco Secure ASA Software And Cisco Secure FTD Software Still Being Exploited

DigitalCIO Bureau by DigitalCIO Bureau
November 7, 2025
in Tech News
0
HCLTech and Cisco Enhance Collaborative Environment for Modern Hybrid Workplaces
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Network security vendor Cisco has issued an urgent warning over a series of sophisticated and persistent cyberattacks targeting its popular security products, specifically the Cisco Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) software.

The attacks, which have been ongoing since May 2025, have recently resulted in a new, critical variant that requires immediate action from customers to avoid serious disruptions.

On November 5, 2025, Cisco released an update announcing its awareness of a new attack variant. This variant targets unpatched devices and exploits vulnerabilities (designated CVE-2025-20333 and CVE-2025-20362) to cause a Denial of Service (DoS) condition. This results in an unexpected restart of firewall devices, potentially leading to a temporary network security outage.

Cisco urges all affected customers to immediately upgrade to the corrected software versions to eliminate the risk of DoS attacks.

Cisco describes the attack campaign as highly sophisticated. Initial observations in May 2025 involved compromises of certain ASA 5500-X Series devices with enabled VPN web services. The attackers’ goal was to install malware, execute commands, and potentially steal data.

Cisco notes that the attackers exploited multiple zero-day vulnerabilities (as yet unknown security flaws). They also used advanced evasion techniques, such as disabling logging and deliberately crashing devices to hinder forensic investigations.

The company estimates with high confidence that these recent activities are related to the same threat actor previously responsible for the infamous ArcaneDoor attack campaign in 2024.

A particularly concerning finding is that the attackers modified the firmware, specifically the ROMMON, on some compromised devices. This modification allowed the attackers to remain persistent within the network, even after a device reboot or software update.

This method of ensuring persistence has only been observed on older models of the Cisco ASA 5500-X Series, which lack modern security mechanisms like Secure Boot . Cisco has found no evidence of successful compromises or persistence on newer platforms that do feature these technologies.

Customers are strongly advised to follow Cisco’s guidance to determine their exposure and apply the recommended security updates as soon as possible.

Tags: CISCO
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

TCS Launches Industrial AI Solutions Lab in Bengaluru Powered by NVIDIA

by DigitalCIO Bureau
July 15, 2026
0
TCS Launches Industrial AI Solutions Lab in Bengaluru Powered by NVIDIA

New Physical AI facility at TCS Global Axis Campus will accelerate AI-led mobility and industrial solutions using NVIDIA AI Infrastructure Tata Consultancy Services (TCS) today announced the launch...

Read moreDetails

Vi brings 24X7 Live Darshan of Shree Jagannath Rath Yatra 2026 on Vi Movies & TV

by DigitalCIO Bureau
July 15, 2026
0
Vi brings 24X7 Live Darshan of Shree Jagannath Rath Yatra 2026 on Vi Movies & TV

Vi customers anywhere in India can view Live Relay of the 12 Day Rath Yatra festivities, directly from Puri As Lord Jagannath, Lord Balabhadra and Devi Subhadra prepare...

Read moreDetails

TCS Becomes Technology and Innovation Partner to New York’s New Terminal One at JFK Airport

by DigitalCIO Bureau
July 14, 2026
0
TCS Becomes Technology and Innovation Partner to New York’s New Terminal One at JFK Airport

TCS will strengthen the digital foundation for the new airport terminal, creating a next-generation guest experience that drives airline cost efficiencies and raises the bar for international travel...

Read moreDetails

KaarTech Recognized Among India’s Top 100 Best Companies to Work For 2026

by DigitalCIO Bureau
July 14, 2026
0
KaarTech Recognized Among India’s Top 100 Best Companies to Work For 2026

KaarTech Recognized Among India's Top 100 Best Companies to Work For 2026 in the Large Enterprises Category by Great Place To Work India KaarTech has been recognized among...

Read moreDetails

TCS and ABB sign multi-million, multi-year deal to transform global network operations with AI

by DigitalCIO Bureau
July 13, 2026
0
TCS and ABB sign multi-million, multi-year deal to transform global network operations with AI

This expanded collaboration will deliver an AI-driven, secure, and standardized digital infrastructure to support ABB’s global network operations The deal marks a 20-year partnership milestone that reinforces the...

Read moreDetails
Next Post
World Password Day: “Focus must shift from relying on passwords alone to building integrated, intelligent security”

Password Alert: '123456' And 'Minecraft' Remain Most Used

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

AppViewX Announces Advanced Low-Code Elements and Reporting Capabilities

March 6, 2019

Microsoft Surface delivered double-digit growth

January 31, 2019
Nokia selected by Vodafone Idea as major 4G and 5G partner in India

Nokia Concludes Sale of Alcatel Submarine Networks to French State

January 8, 2025

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Accenture Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Collaboration CrowdStrike Cybersecurity Digital Transformation E-books Enterprises Fortinet Gartner Generative AI Google Cloud HCLTech IBM India Infographics Infosys Internet of Things (IoT) Kaspersky Microsoft NTT DATA NVIDIA Palo Alto Networks Panel Discussion Partnership Sophos Strategic Partnership Tata Consultancy Services TCS Tenable Trend Micro Veeam Webinars Whitepaper Zscaler

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?