Federal civilian agencies are failing to adequately patch vulnerable Cisco devices, leaving them exposed to ongoing exploitation by threat actors. CISA has identified devices that remain vulnerable despite being reported as patched, emphasizing the urgent need for corrective action. #CISA #CiscoVulnerabilities
Keypoints
- CISA issued an emergency directive to address two critical Cisco firewall vulnerabilities.
- Many federal agencies have not properly patched or replaced affected Cisco devices.
- Chinese threat group Storm-1849 was linked to scanning and exploiting these vulnerabilities.
- The vulnerabilities, CVE-2025-30333 and CVE-2025-20362, are actively being exploited worldwide.
- CISA recommends urgent patching and device updates to prevent further exploitation.
Read More: https://therecord.media/federal-cisco-patches-warning