Close Menu

    Subscribe to Updates

    Get the latest tech news from Tallwire.

      What's Hot

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

      July 16, 2026

      Record Industry Pushes for AI Labels on Streaming Music

      July 15, 2026
      Facebook X (Twitter) Instagram
      • Tech
      • AI
      • Get In Touch
      Facebook X (Twitter) LinkedIn
      TallwireTallwire
      • Tech

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026
      • AI

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Record Industry Pushes for AI Labels on Streaming Music

        July 15, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Anthropic Doubles Down on New York as AI Talent War Intensifies

        July 15, 2026
      • Security

        China’s AI Distillation Campaign Raises New Concerns Over U.S. Technology Security

        July 13, 2026

        AI Tools Increasingly Exploited by Terrorist Organizations, New Research Finds

        July 13, 2026

        Pentagon Expands Engineering Recruitment to Restore America’s Military Technology Edge

        July 13, 2026

        EU Lawmakers Advance Controversial Private Message Scanning Measure Despite Mounting Privacy Concerns

        July 12, 2026

        Scramble Intensifies to Secure America Against Emerging AI National Security Threats

        July 12, 2026
      • Health

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        AI Chatbots Increasingly Clash With Eating Disorder Treatment

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026

        Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

        July 14, 2026
      • Science

        AI Chatbots Face Growing Scrutiny as Mental Health Risks Draw Medical Alarm

        July 16, 2026

        U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

        July 16, 2026

        Scientists Advance “StormWall” Concept to Defend Earth from Catastrophic Solar Storms

        July 15, 2026

        Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

        July 15, 2026

        Humanoid Robots Complete First Live Surgical Procedures in Medical Milestone

        July 14, 2026
      • Tech

        AI Protesters March on Silicon Valley Giants Demanding Development Freeze

        July 14, 2026

        Palo Alto Networks CEO Warns AI Costs Must Plunge Before Enterprise Adoption Can Accelerate

        July 14, 2026

        DeepMind Unionization Effort Encounters Early Resistance as Labor Talks Stall

        July 11, 2026

        Always-On Workplace Culture Pushes Employees Toward the Breaking Point

        July 10, 2026

        High-Income Families Embrace AI-Driven Schools as Alternative Education Expands

        July 9, 2026
      TallwireTallwire
      Home»Tech»Emergency Orders as Cisco Firewalls Come Under Widespread Zero-Day Attack
      Tech

      Emergency Orders as Cisco Firewalls Come Under Widespread Zero-Day Attack

      Updated:December 25, 20254 Mins Read
      Facebook Twitter Pinterest LinkedIn Tumblr Email
      Emergency Orders as Cisco Firewalls Come Under Widespread Zero-Day Attack
      Emergency Orders as Cisco Firewalls Come Under Widespread Zero-Day Attack
      Share
      Facebook Twitter LinkedIn Pinterest Email

      Federal cybersecurity authorities have issued a top-level directive mandating U.S. civilian agencies to immediately detect, isolate, and patch certain Cisco firewall systems following active exploitation of zero-day vulnerabilities. The order, stemming from Emergency Directive 25-03 by CISA, targets two newly identified flaws (CVE-2025-20333 and CVE-2025-20362) in Cisco ASA and FTD software that attackers have successfully chained to gain remote code execution and persistence—even surviving reboots and firmware upgrades. The campaign, linked to the ArcaneDoor operation, reportedly leverages deep device tampering, disabled logging, and bootloader manipulation to persist in critical government networks. Many agencies are now racing to inventory affected systems and apply patches by tight deadlines or risk forced disconnection of unsupported devices.

      Sources: Bleeping Computer, CyberScoop

      Key Takeaways

      – The zero-day flaws targeted (CVE-2025-20333 and CVE-2025-20362) allow attackers to bypass authentication, execute code, and remain persistent even across system updates.

      – The CISA emergency directive demands federal agencies respond within a day—inventory devices, disconnect compromised units, apply patches, and retire end-of-support gear.

      – The threat actor is tied to a sophisticated espionage campaign known as ArcaneDoor, which has previously compromised Cisco infrastructure globally using custom malware and boot-level exploits.

      In-Depth

      On September 25, 2025, CISA (the Cybersecurity and Infrastructure Security Agency) issued Emergency Directive 25-03, compelling federal civilian agencies to confront an immediate national cybersecurity emergency. The directive arises from active, sophisticated exploitation of newly discovered zero-day vulnerabilities in Cisco’s Adaptive Security Appliance (ASA) and Firepower / Threat Defense (FTD) firewalls. The duo of flaws—tracked as CVE-2025-20333 and CVE-2025-20362—are already being chained in live attacks to give attackers unauthenticated remote code execution and unauthorized access to restricted web endpoints. In real terms, hackers can breach firewall devices, implant malware, manipulate boot code to survive reboots, disable logging, crash devices to evade diagnostics, and maintain stealthy footholds in government networks.

      CISA’s directive demands that agencies immediately catalog all Cisco ASA and Firepower devices in their environments, take forensic images of suspected systems, cut off any devices showing signs of compromise, apply the vendor’s patches where possible, and permanently decommission devices that are out of support—all by mid-day September 26 for patching, and by September 30 for device retirement of unsupported units. The urgency is extreme because these vulnerabilities are now listed in CISA’s Known Exploited Vulnerabilities catalog, meaning they are confirmed to be used in active attacks. As part of the mitigation, agencies also must submit reports on their findings, suspicious activity, and future action plans.

      The cosmic significance here lies in attribution and persistence. Cisco and CISA link the campaign to a well-known espionage operation dubbed ArcaneDoor, first observed in 2023 and tied to custom malware (Line Dancer, Line Runner) and boot-level attacks. That suggests that the attackers are not amateur threat actors but state-level adversaries with deep knowledge of Cisco’s internal firmware, ROM monitors, and exploit chaining. Earlier ArcaneDoor strikes compromised global government entities by exploiting other zero-days in ASA/FTD systems; now, attackers have weaponized fresh vulnerabilities and turned them into a “living” threat that can survive firmware upgrades.

      Adding to the concern: authorities in the UK’s NCSC warn that ASA 5500-X devices lacking secure boot protections are especially vulnerable. The complexity of these attacks underscores why edge firewalls and perimeter gear—long considered hardened enforcers of network security—are now prime targets. The flaws are no longer speculative risks but active, exploited gateways into critical infrastructure.

      For federal agencies, private sector partners, and network defenders, the lesson is stark: assume perimeter devices may already be compromised, act quickly to rebuild trust in network boundaries, and prioritize lifecycle management so legacy gear doesn’t become an entry point. Time is short, complexity is high, and adversaries appear to be one step ahead.

      Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
      Previous ArticleElon Musk’s xAI Launches New AI Software Firm “Macrohard” to Challenge Microsoft
      Next Article Emergent Snags $23M in Series A to Democratize App Building

      Related Posts

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Add A Comment
      Leave A Reply Cancel Reply

      Editors Picks

      U.S. Biotechs Turn to Secrecy as China Accelerates Drug Development Race

      July 16, 2026

      Fiat Bets on Tiny EV as Affordable Transportation Returns to the Spotlight

      July 15, 2026

      Personalized UVB Device Promises Vitamin D Benefits While Raising Questions About Medicalizing Everyday Health

      July 15, 2026

      Meta Patent Ignites Fresh Fears Over AI-Powered Emotional Surveillance

      July 14, 2026
      Popular Topics
      Tesla Samsung Series A Tim Cook spotlight starlink Startup Stocks UAE Tech Taiwan Tech trending Satellite SpaceX Tesla Cybertruck Software Series B Satya Nadella Viral Space Sundar Pichai
      Major Tech Companies
      • Apple News
      • Google News
      • Meta News
      • Microsoft News
      • Amazon News
      • Samsung News
      • Nvidia News
      • OpenAI News
      • Tesla News
      • AMD News
      • Anthropic News
      • Elbit News
      AI & Emerging Tech
      • AI Regulation News
      • AI Safety News
      • AI Adoption
      • Quantum Computing News
      • Robotics News
      Key People
      • Sam Altman News
      • Jensen Huang News
      • Elon Musk News
      • Mark Zuckerberg News
      • Sundar Pichai News
      • Tim Cook News
      • Satya Nadella News
      • Mustafa Suleyman News
      Global Tech & Policy
      • Israel Tech News
      • India Tech News
      • Taiwan Tech News
      • UAE Tech News
      Startups & Emerging Tech
      • Series A News
      • Series B News
      • Startup News
      Tallwire
      Facebook X (Twitter) LinkedIn Threads Instagram RSS
      • Tech
      • Entertainment
      • Business
      • Government
      • Academia
      • Transportation
      • Legal
      • Press Kit
      © 2026 Tallwire. Optimized by ARMOUR Digital Marketing Agency.

      Type above and press Enter to search. Press Esc to cancel.