CISA Emergency Directive 25-03 for Cisco ASA zero-day risk
Public Sector Action
Summary
Hide ▲
Show ▼
CISA issued Emergency Directive 25-03, ordering Federal Civilian Executive Branch Departments and Agencies to inventory and assess Cisco Adaptive Security Appliances (ASA) exposed to a zero-day threat. The directive requires agencies to collect forensic data and use CISA-provided procedures and tools to check for compromise. It also sets a firm deadline of 11:59 PM EST on September 26, 2025 for disconnecting end-of-support devices and upgrading systems that remain in service.
Related Happenings
Congress demands CISA answers on GitHub credential leak
Public Sector Action
First: 22.05.2026 19:34
Last: 22.05.2026 19:34
Sources 1
About this happening:
**Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...
Congress demands CISA answers on GitHub credential leak
Public Sector ActionAbout this happening: **Lawmakers in both houses of Congress** demanded answers from **CISA** after a contractor exposed **AWS GovCloud keys** and other secrets on **public GitHub**. The letters presse...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector ActionAbout this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA releases CI Fortify guidance for critical infrastructure resilience
Public Sector Action
First: 05.05.2026 15:00
Last: 05.05.2026 15:00
Sources 1
About this happening:
CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...
CISA releases CI Fortify guidance for critical infrastructure resilience
Public Sector ActionAbout this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...
Latest development: 06.05.2026 16:15
CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.
Cisco ASA/FTD code execution and authentication bypass flaws (multiple vulnerabilities)
Vulnerability
First: 24.04.2026 20:06
Last: 24.04.2026 20:06
Sources 1
About this happening:
**Cisco ASA/FTD** vulnerabilities **CVE-2025-20333** and **CVE-2025-20362** are still under **active exploitation** and can be chained for **unauthenticated remote control** of af...
Cisco ASA/FTD code execution and authentication bypass flaws (multiple vulnerabilities)
VulnerabilityAbout this happening: **Cisco ASA/FTD** vulnerabilities **CVE-2025-20333** and **CVE-2025-20362** are still under **active exploitation** and can be chained for **unauthenticated remote control** of af...
CISA KEV directive for CVE-2026-20133
Public Sector Action
First: 21.04.2026 15:30
Last: 21.04.2026 15:30
Sources 1
About this happening:
On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...
CISA KEV directive for CVE-2026-20133
Public Sector ActionAbout this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...
Timeline
-
25.09.2025 15:00 2 articles · 8mo ago
CISA issues Emergency Directive 25-03 for Cisco ASA zero-day risk
Initial DisclosureCISA issued Emergency Directive 25-03 in response to an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA) via web services, after identifying zero-day vulnerabilities that can persist through reboots and system upgrades. The directive orders Federal Civilian Executive Branch Departments and Agencies to account for in-scope devices, collect forensic data, and assess any compromises using CISA-provided procedures and tools.
Show sources
- CISA Issues Emergency Directive Requiring Federal Agencies to Identify and Mitigate Cisco Zero-Day Vulnerabilities — www.cisa.gov — 25.09.2025 15:00
- CISA Issues Emergency Directive Requiring Federal Agencies to Identify and Mitigate Cisco Zero-Day Vulnerabilities — www.cisa.gov — 25.09.2025 15:00
-
25.09.2025 15:00 1 articles · 8mo ago
Federal agencies face September 26 remediation deadline for Cisco ASA devices
Mitigation Patch UpdateFederal Civilian Executive Branch Departments and Agencies must disconnect end-of-support Cisco Adaptive Security Appliances (ASA) and upgrade remaining devices by 11:59 PM EST on September 26, 2025, while also using CISA-provided procedures and tools to account for in-scope devices, collect forensic data, and assess compromises.
Show sources
- CISA Issues Emergency Directive Requiring Federal Agencies to Identify and Mitigate Cisco Zero-Day Vulnerabilities — www.cisa.gov — 25.09.2025 15:00