CyberSecurityBoard
Sponsor Register Login

Cisco warns of ASA firewall zero-days exploited in attacks

Cisco has issued a critical security warning regarding two zero-day vulnerabilities actively exploited in its Adaptive Security Appliance (ASA) firewalls. These vulnerabilities allow attackers to execute remote code and potentially take full control of affected devices, posing significant risks to network security. The flaws, identified as CVE-2024-20016 and CVE-2024-20017, have been leveraged in targeted attacks, emphasizing the urgency for organizations to apply patches and mitigations promptly. Cisco's advisory details the attack vectors, impact, and recommended remediation steps to protect infrastructure from these exploits. This incident highlights the persistent threat landscape targeting firewall devices, which are crucial for perimeter defense in enterprise environments. Security teams are urged to prioritize updates and monitor for indicators of compromise related to these zero-days to prevent potential breaches and data loss.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 25 Sep 2025 16:50:13 +0000


Cyber News related to Cisco warns of ASA firewall zero-days exploited in attacks

CVE-2012-5010 - ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, ...
2 years ago
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
1 year ago Securityaffairs.com CVE-2024-23222 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109
Top 10 Best Linux Firewalls - 2025 - It protects computers/networks via secure programming.1. Old PCs only boot from CDROM, while network boot requires a net card with a boot ROM.2. Its web interface is very user-friendly and makes usage easy.2. User-created rules take longer to ...
8 months ago Cybersecuritynews.com
What Is a Host-Based Firewall? Definition & When to Use - Organizations often use host-based firewalls when specific network applications or services require open communication channels that aren't allowed under default firewall settings. To install a host-based firewall across all endpoints, choose your ...
1 year ago Esecurityplanet.com
Sav-Rx data breach impacted over 2.8 million individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks. Microsoft fixed two zero-day bugs exploited in malware ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 BianLian
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke
Cisco patches IOS XE zero-days used to hack over 50,000 devices - Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. The free software release comes after a threat actor leveraged the security issues as zero-days to compromise and ...
2 years ago Bleepingcomputer.com CVE-2023-20198
Healthcare firm WebTPA data breach impacted 2.5M individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 BianLian
9 Best Next-Generation Firewall Solutions for 2023 - Next-generation firewalls are network security solutions that go beyond the traditional port/protocol inspection by incorporating application-level inspection, intrusion prevention, and external threat intelligence. As the third generation in ...
2 years ago Esecurityplanet.com
newsletter Round 473 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-46747 CVE-2023-46748 CVE-2023-22515 APT29 Rocke BianLian
What Is a Firewall Policy? Ultimate Guide - A firewall policy is a set of rules and standards designed to control network traffic between an organization's internal network and the internet. There are key components to consider, main types of firewall policies and firewall configurations to be ...
1 year ago Esecurityplanet.com
Cisco discloses new IOS XE zero-day exploited to deploy malware implant - Cisco disclosed a new high-severity zero-day today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. The company said it found a fix for both vulnerabilities ...
2 years ago Bleepingcomputer.com CVE-2023-20198 CVE-2023-20273 CVE-2021-1435
Ivanti Connect Secure zero-days now under mass exploitation - Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. As discovered by threat intelligence company Volexity, which also first spotted the zero-days ...
1 year ago Bleepingcomputer.com CVE-2023-46805 CVE-2024-21887 CVE-2021-22893
Easy Firewall Implementation & Configuration for Small and Medium Businesses - Here at Cisco, we've developed industry-leading firewalls designed specifically for the needs of SMBs. Our Secure Firewalls for small businesses help simplify security, with streamlined implementation at a price point that is affordable. Once you ...
1 year ago Feedpress.me
North Korean Kimsuky used a new Linux backdoor in recent attacks - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 ...
1 year ago Securityaffairs.com CVE-2022-38028 CVE-2020-3259 CVE-2023-22515 APT28 APT29 BianLian
Apple fixes two new iOS zero-days in emergency updates - Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. "Apple is aware of a report that this issue may ...
2 years ago Bleepingcomputer.com CVE-2023-42916 CVE-2023-42917
newsletter Round 478 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2024-0204 CVE-2023-49103 CVE-2023-38831 CVE-2023-22515 APT29 BianLian
Impact of Remote Work and Cloud Migrations on Security Perimeters - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 APT29 BianLian
newsletter Round 474 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Critical Fortinet's ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-49103 CVE-2023-22515 APT28 APT29 BianLian
Secure Workload and Secure Firewall: The recipe for a robust zero trust cybersecurity strategy - You hear a lot about zero trust microsegmentation these days and rightly so. While a host-based enforcement approach is immensely powerful because it provides access to rich telemetry in terms of processes, packages, and CVEs running on the ...
2 years ago Feedpress.me
CVE-2017-6607 - A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. The vulnerability is due to a flaw in ...
2 years ago
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks - Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants. The list of products running Cisco IOS XE software includes enterprise switches, aggregation ...
2 years ago Bleepingcomputer.com CVE-2023-20198
Top 12 Firewall Best Practices to Optimize Network Security - The consistent implementation of firewall best practices establish a strong defense against cyber attacks to secure sensitive data, protect the integrity and continuity of business activities, and ensure network security measures function optimally. ...
2 years ago Esecurityplanet.com
Top Ten FirewallasaService Companies - Firewall as a Service (FWaaS) is a way of providing firewall functionality in the cloud, rather than on the traditional network perimeter. This is beneficial for businesses that have migrated their data and applications to the cloud, as it allows ...
2 years ago Cybersecuritynews.com
What Are Firewall Rules? Ultimate Guide - Firewall rules are preconfigured, logical computing controls that give a firewall instructions for permitting and blocking network traffic. Network admins must configure firewall rules that protect their data and applications from threat actors. ...
1 year ago Esecurityplanet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)