The Cybersecurity and Infrastructure Security Agency has published an emergency directive to warn against attackers targeting vulnerabilities affecting Cisco Adaptive Security Appliances, or ASA, web services.
In the memo issued Thursday, CISA said all federal civilian executive branch departments and agencies must take actions to prevent or respond to compromises.
For more updates from CISA and the entirety of the Homeland Security Department, make sure to send the best and brightest from your GovCon company to Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12. Register for this essential networking and technology conference now!
“As the lead for federal cybersecurity, CISA is directing federal agencies to take immediate action due to the alarming ease with which a threat actor can exploit these vulnerabilities, maintain persistence on the device, and gain access to a victim’s network,” according to Madhu Gottumukkala, the agency’s acting director. “The same risks apply to any organizations using these devices. We strongly urge all entities to adopt the actions outlined in this Emergency Directive.”
Table of Contents
Details of the Cisco ASA Vulnerability
CISA confirmed a widespread campaign targeting Cisco ASA and Firepower devices through zero-day vulnerabilities that allow remote code execution and privilege escalation.
According to Cisco, the campaign is connected to the ArcaneDoor cyberattacks the company first detected and reported in early 2024. ArcaneDoor, the company warned, has demonstrated the capability to modify read-only memory, or ROM, to maintain system access despite multiple reboots and software upgrades.
What Agencies Must Do
CISA is directing government agencies and other organizations impacted to account for all in-scope devices, gather forensic data and assess for possible compromises. Agencies are also advised to disconnect end-of-support devices and upgrade software to their latest versions.
Cisco has already released patches to address the vulnerabilities.
Related Articles
President Donald Trump has signed an executive order approving a proposed deal that would keep video-sharing platform TikTok operational in the U.S. while protecting national security. Engage with U.S. military leaders and top industry experts at the Potomac Officers Club’s 2025 GovCon International and Global Defense Summit as they tackle global defense challenges, from supply chain risks to sanctions and international regulations. Save your spot now for this Oct. 16 event to gain critical insights and connect with key decision-makers! ‘Qualified Divestiture’ of TikTok’s US Operations In a fact sheet published Thursday, the White House said TikTok’s U.S. operations would
Retired Vice Adm. Scott Pappano has been confirmed as principal deputy administrator for the National Nuclear Security Administration. According to Congress records, legislators voted 51-47 to appoint Pappano. He also confirmed his new position in a LinkedIn post Thursday. Who Is Scott Pappano? President Donald Trump nominated Pappano to be principal deputy administrator for NNSA in February. Pappano is a seasoned military leader who most recently served as principal military deputy assistant secretary of the Navy for research, development and acquisition. He also held leadership positions at the Special Operations Forces Mobility Program Office and the Strategic and Attack Submarine
The General Services Administration and xAI have signed an agreement to make the latter’s Grok frontier artificial intelligence models available to federal agencies through March 2027. GSA said Thursday the partnership with xAI is part of the agency’s OneGov initiative, which aims to simplify the procurement of AI tools to help accelerate federal AI adoption. The new deal is reportedly the lowest price yet for an AI offering through the partnership. “Widespread access to advanced AI models is essential to building the efficient, accountable government that taxpayers deserve—and to fulfilling President Trump’s promise that America will win the global AI