25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Urgent Patching Required to Fix Actively Exploited Cisco Flaws

Posted By on Nov 14, 2025

Threat actors are actively exploiting multiple Cisco vulnerabilities for which patches were previously issued in August; however, attacks are ongoing, including attacks on devices that have been improperly patched.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a cybersecurity alert this week about two critical Cisco vulnerabilities – CVE-2025-30333 and CVE-2025-20362 – affecting Cisco Adaptive Security Appliances (ASA) and Firepower devices. The vulnerabilities affect devices running Cisco Secure ASA Software or Cisco Secure FTD Software and have CVSS v3.1 base scores of 9.9 and 9.8. The vulnerabilities can be exploited by sending specially crafted HTTP requests to a vulnerable web server on a device.

Cisco issued patches to fix the vulnerabilities in August this year, warning that hackers could exploit the flaws to execute commands at a high privilege level. The flaws allow threat actors to access restricted URL endpoints that should be inaccessible without authentication. By exploiting the flaws, attackers can execute code on vulnerable devices. If the vulnerabilities are chained, an attacker can gain full control of the devices. At the time the patches were issued, Cisco warned that the vulnerabilities had already been exploited as zero-days in the ArcaneDoor campaign, which exploited two other flaws.

While many organizations applied the patches and believed they were protected against exploitation, in some cases, the patches were applied without updating the minimum software version, leaving the organizations vulnerable to exploitation. “In CISA’s analysis of agency-reported data, CISA has identified devices marked as ‘patched’ in the reporting template, but which were updated to a version of the software that is still vulnerable to the threat activity outlined in the [Emergency Directive], explained CISA in the alert. “CISA recommends all organizations verify the correct updates are applied.” CISA has published guidance on patching the two vulnerabilities and warned that immediate patching is required, including on devices that are not exposed to the Internet.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist