The Register: Warnings about Cisco vulns under active exploit are falling on deaf ears

Source URL: https://www.theregister.com/2025/09/30/cisco_firewall_vulns/

Feedly Summary: 50,000 firewall devices still exposed
Nearly 50,000 Cisco ASA/FTD instances vulnerable to two bugs that are actively being exploited by “advanced” attackers remain exposed to the internet, according to Shadowserver data.…

Summary: Nearly 50,000 Cisco ASA/FTD firewall devices that are vulnerable to two known bugs remain exposed to the internet. These vulnerabilities are reportedly being exploited by advanced attackers, underscoring the urgent need for organizations to prioritize their security measures in order to protect critical infrastructure.

Detailed Description: Approximately 50,000 exposed firewall devices represent a critical weakness in widely used security infrastructure. Cisco’s ASA (Adaptive Security Appliance) and FTD (Firepower Threat Defense) devices are integral to network security for many organizations. Active exploitation of these vulnerabilities by sophisticated attackers poses severe risks that could lead to unauthorized access, data breaches, and other cyber threats.

**Key Points:**
- **Vulnerability Exposure**: Nearly 50,000 Cisco ASA/FTD instances are susceptible to two specific vulnerabilities that are actively being exploited.
- **Nature of Attackers**: The vulnerabilities are being targeted by “advanced” attackers, indicating a higher level of sophistication and potential consequences for those organizations affected.
- **Urgency for Security Measures**: Organizations using these devices must take prompt action to secure their networks by applying patches or implementing additional security controls.
- **Broader Implications**: The findings also reflect a systemic issue where widely deployed firewalls may remain unprotected or outdated, increasing the risk of large-scale attacks.

Given these insights, security and compliance professionals should consider conducting regular audits and vulnerability assessments on their infrastructure to mitigate risks associated with such exposed devices. Implementing patch management processes and adopting a Zero Trust approach could significantly enhance the overall security posture.