Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
No Result
View All Result
Home Cybersecurity

CISA Emergency Directive Warns of Zero-Day Flaws in Cisco ASA, Firepower Devices

by Elodie Collins
September 26, 2025
in Cybersecurity, News
Madhu Gottumukkala, acting director at CISA. Gottumukkala warned against the cyber campaign targeting Cisco products

Madhu Gottumukkala, acting director at the Cybersecurity and Infrastructure Security Agency, warned against a Cisco flaw that hackers are exploiting with "alarming ease" to maintain persistence on a device and access a victim's network.

The Cybersecurity and Infrastructure Security Agency has published an emergency directive to warn against attackers targeting vulnerabilities affecting Cisco Adaptive Security Appliances, or ASA, web services.

Table of Contents

    • You might also like
    • VA Names Lee Payne Acting Under Secretary for Health
    • CISA Expects Final CIRCIA Rule in September
    • BAE Systems Lands DOW Funding for Radiation-Hardened Chip Production
  • Details of the Cisco ASA Vulnerability
  • What Agencies Must Do

You might also like

VA Names Lee Payne Acting Under Secretary for Health

CISA Expects Final CIRCIA Rule in September

BAE Systems Lands DOW Funding for Radiation-Hardened Chip Production

In the memo issued Thursday, CISA said all federal civilian executive branch departments and agencies must take actions to prevent or respond to compromises.

For more updates from CISA and the entirety of the Homeland Security Department, make sure to send the best and brightest from your GovCon company to Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12. Register for this essential networking and technology conference now!

“As the lead for federal cybersecurity, CISA is directing federal agencies to take immediate action due to the alarming ease with which a threat actor can exploit these vulnerabilities, maintain persistence on the device, and gain access to a victim’s network,” according to Madhu Gottumukkala, the agency’s acting director. “The same risks apply to any organizations using these devices. We strongly urge all entities to adopt the actions outlined in this Emergency Directive.”

Details of the Cisco ASA Vulnerability

CISA confirmed a widespread campaign targeting Cisco ASA and Firepower devices through zero-day vulnerabilities that allow remote code execution and privilege escalation.

According to Cisco, the campaign is connected to the ArcaneDoor cyberattacks the company first detected and reported in early 2024. ArcaneDoor, the company warned, has demonstrated the capability to modify read-only memory, or ROM, to maintain system access despite multiple reboots and software upgrades.

What Agencies Must Do

CISA is directing government agencies and other organizations impacted to account for all in-scope devices, gather forensic data and assess for possible compromises. Agencies are also advised to disconnect end-of-support devices and upgrade software to their latest versions.

Cisco has already released patches to address the vulnerabilities.

CISA Emergency Directive Warns of Zero-Day Flaws in Cisco ASA, Firepower Devices
Stay connected via Google News
Follow us for the latest travel updates and guides.
Add as preferred source on Google
Share5Tweet19

Recommended For You

VA Names Lee Payne Acting Under Secretary for Health

by Jane Edwards
July 8, 2026
Lee Payne. The VA deputy under secretary for health has been named the department’s acting under secretary.

VA Acting Under Secretary for Health Lee Payne has led EHR modernization effortsPayne brings more than 30 years of military healthcare leadershipThe 2026 Healthcare Summit will examine federal...

Read moreDetails

CISA Expects Final CIRCIA Rule in September

by Jane Edwards
July 8, 2026
Cybersecurity and Infrastructure Security Agency logo. CISA expects to issue the final rule implementing CIRCIA in September.

CIRCIA reporting requirements are nearing implementationMore federal cyber rules are expected this fallThe 2026 Homeland Security Summit will explore AI, cyber defense and moreThe Department of Homeland Security's...

Read moreDetails

BAE Systems Lands DOW Funding for Radiation-Hardened Chip Production

by Miles Jamison
July 8, 2026
Michael Cadenazzi. The DOW assistant secretary discussed the investment in BAE Systems to expand RHM production.

The investment will expand domestic production of radiation-hardened microelectronics for defense applicationsBAE Systems will restore its RH45 Storefront to support trusted chip manufacturingThe effort is intended to strengthen...

Read moreDetails

Army Launches xTech Competition for Low-Cost Interceptors

by Miles Jamison
July 8, 2026
Daniel Driscoll. The Army secretary discusses the xTech|Apex Intercept competition for low-cost interceptor development.

The Army aims to accelerate the development of low-cost interceptor technologiesThe xTech|Apex Intercept Competition targets innovations in interceptors, rocket motors, seekers and fire controlThe initiative supports the Army's...

Read moreDetails

US Navy Seeks Industry Input for Next Generation Undersea Security Initiative

by Jamie Bennet
July 8, 2026
U.S. Navy. The Navy's Strategic Systems Programs issued a sources sought notice for its next-gen undersea security project.

The U.S. Navy Strategic Systems Programs has released a sources sought notice to support its Next Generation Undersea Security InitiativeNG-USI has 22 focus areas, ranging from signal mitigation...

Read moreDetails
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Sponsors

About ExecutiveGov

ExecutiveGov, published by Executive Mosaic, is a site dedicated to the news and headlines in the federal government. ExecutiveGov serves as a news source for the hot topics and issues facing federal government departments and agencies such as Gov 2.0, cybersecurity policy, health IT, green IT and national security. We also aim to spotlight various federal government employees and interview key government executives whose impact resonates beyond their agency.

CATEGORIES

  • Acquisition & Procurement
  • Announcements
  • Articles
  • Artificial Intelligence
  • Awards
  • Big Data & Analytics News
  • C4ISR
  • Civilian
  • Cloud
  • Contract Awards
  • Cybersecurity
  • Defense And Intelligence
  • Defense Security Cooperation
  • DHS
  • Digital Assets
  • Digital Modernization
  • DoD
  • Events
  • Executive Moves
  • Executive Spotlights
  • Federal Civilian
  • Financial Reports
  • Foreign Military Sales
  • General News
  • GovCon Expert
  • Government Cloud
  • Government Technology
  • GSA
  • Healthcare IT
  • Industry News
  • Intelligence
  • Legislation
  • M&A Activity
  • National Security
  • News
  • Policy Updates
  • Press Releases
  • Profiles
  • Space
  • Videos
  • Wash100
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Copyright 2026 Executive Mosaic. All Rights Reserved.

No Result
View All Result
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news

Copyright 2026 Executive Mosaic. All Rights Reserved.

Get your free GovCon news!

Get your latest GovCon news and insights. Become a VIP and subscribe to the GovConWire Daily News.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
Thanks for subscribing!