Market Impact: 0.75

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive


Cisco has issued an urgent advisory for two actively exploited zero-day vulnerabilities (CVE-2025-20333, CVSS 9.9; CVE-2025-20362, CVSS 6.5) in its Secure Firewall ASA and FTD Software, which allow unauthenticated remote code execution and persistence. The U.S. CISA has issued an emergency directive requiring federal agencies to mitigate these flaws within 24 hours because of an ongoing, widespread exploitation campaign by the advanced threat actor UAT4356 (Storm-1849). The campaign poses a significant risk to affected networks and highlights critical cybersecurity exposure for enterprises that use these perimeter security solutions.

Analysis

Cisco Systems (CSCO) is facing a severe cybersecurity incident involving two actively exploited zero-day vulnerabilities in its core Secure Firewall products, ASA and FTD software. The criticality is underscored by one vulnerability (CVE-2025-20333) carrying a CVSS score of 9.9, which, when chained with the second flaw, allows for unauthenticated remote code execution. The situation's gravity is amplified by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issuing a rare Emergency Directive (ED 25-03), mandating federal agencies to apply mitigations within 24 hours. The exploitation is attributed to a widespread campaign by a sophisticated threat actor, UAT4356 (Storm-1849), which has demonstrated the advanced capability to manipulate device ROM for persistence, a technique that fundamentally undermines hardware integrity and poses a significant, long-term risk to affected networks. This event, under investigation with multiple international cyber agencies, directly challenges the reputation of Cisco's security business, as the exploitation has been ongoing since at least early 2024, raising questions about detection and product security.
