CISA Sends Emergency Directive to Mitigate Potential Compromise of Cisco Devices, Threat Actors Actively Target Cisco Vulnerabilities

(TLP:CLEAR) Today, CISA sent an Emergency Directive (ED) titled “Identify and Mitigate Potential Compromise of Cisco Devices,” and highlighted an ongoing campaign by an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA). The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution on ASAs, as well as manipulating read-only memory (ROM) to persist through reboot and system upgrade.

WaterISAC strongly recommends utilities address the Cisco vulnerabilities mentioned by following the actions described in CISA’s emergency directive…