Hi, I was wondering if you had heard of the recent Cisco firewall vulnerabilities. It appears that several serious bugs in Cisco's firewalls are now being leveraged by hackers to crash systems and conduct DoS (Denial-of-Service) attacks. I came across the details on BleepingComputer, and to be honest, this poses a serious risk to anybody utilizing Cisco equipment.
What's going on?
Cisco discovered two dangerous vulnerabilities - CVE-2025-20362 and CVE-2025-20333 - that attackers are actually exploiting.
- The first vulnerability essentially allows anybody to access restricted areas of the firewall without signing in.
- The second vulnerability allows attackers to execute code on the device once they gain access.
When taken together, these vulnerabilities give attackers total access to your firewall. I know what you're thinking...yikes!
Relatedly, it is alarming that hackers are now using these vulnerabilities not simply to gain access, but to purposely cause firewalls to crash. They are making devices restart constantly, cutting off Internet access and knocking networks offline.
Why this is important
If your Cisco ASA or FTD firewall has not been patched, you put your network at risk. These firewalls are at the center of your network, like security at the front door. If they fail, everything behind them becomes vulnerable.
In full disclosure, I have been guilty of being lazy on updates before. After reading this, I checked my setup immediately. Just imagine losing your entire network because you missed an update -- that's not a headache you want to deal with.
What you should do right now
Here's a short list of things to do to ensure your network is secure:
- Update your firewalls right now by applying Cisco's latest patches.
- Examine how many of your devices are exposed to the internet and how many of those devices are online.
- Limit who can log into firewall management; only trusted IPs should be allowed.
- Be mindful of strange behavior, such as random reboots or disconnections.
- Replace any older hardware that can no longer be patched.
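To make the "random reboots" item concrete, here is an added example (mine, not from Cisco or BleepingComputer) that spots reboot loops from uptime readings your monitoring already collects. The device names, sample values, tolerance and thresholds are all made up for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data: (poll time, device name, uptime in seconds).
# Hypothetical hostnames; real values would come from your own monitoring.
SAMPLES = [
    ("2025-01-01T10:00:00", "fw-edge-1", 864000),
    ("2025-01-01T10:05:00", "fw-edge-1", 864300),
    ("2025-01-01T10:10:00", "fw-edge-1", 120),    # uptime went backwards: reboot
    ("2025-01-01T10:15:00", "fw-edge-1", 60),     # rebooted again
    ("2025-01-01T10:20:00", "fw-edge-1", 45),     # and again
    ("2025-01-01T10:00:00", "fw-branch-2", 5000),
    ("2025-01-01T10:05:00", "fw-branch-2", 5300),
    ("2025-01-01T10:10:00", "fw-branch-2", 200),  # a single reboot
    ("2025-01-01T10:15:00", "fw-branch-2", 500),
]

def find_reboots(samples, tolerance=30):
    """Return {device: [poll times at which a reboot was detected]}."""
    reboots = defaultdict(list)
    last = {}  # device -> (time of previous poll, uptime at previous poll)
    for ts, device, uptime in sorted(samples):
        when = datetime.fromisoformat(ts)
        if device in last:
            prev_when, prev_uptime = last[device]
            elapsed = (when - prev_when).total_seconds()
            # A device that stayed up reports roughly prev_uptime + elapsed.
            # Anything clearly lower means it restarted between the polls.
            if uptime < prev_uptime + elapsed - tolerance:
                reboots[device].append(when)
        last[device] = (when, uptime)
    return dict(reboots)

def reboot_loops(samples, threshold=3, window=timedelta(minutes=30)):
    """Return {device: reboot count} for devices that rebooted at least
    `threshold` times inside any `window`-long period."""
    flagged = {}
    for device, times in find_reboots(samples).items():
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                flagged[device] = len(times)
                break
    return flagged

if __name__ == "__main__":
    for device, count in reboot_loops(SAMPLES).items():
        print(f"{device}: {count} reboots, possible reboot loop")
```

A single reboot can be a planned update, so only repeated reboots in a short window are flagged.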
Researchers have identified over 34,000 Cisco firewalls that are publicly exposed to the internet. That is an enormous number of targets for any team of attackers.