Ongoing attacks: Over 2300 Cisco firewalls in Germany still vulnerable
2300 Cisco firewalls are vulnerable in Germany. Administrators of Cisco ASA and FTD firewalls should install the available security updates immediately.
(Image: Gorodenkoff/Shutterstock.com)
According to statistics from the security researchers at Shadowserver, tens of thousands of Cisco firewalls worldwide are still vulnerable. Security patches are available but have obviously not yet been installed everywhere. Instances in Germany are also affected.
Patch now!
By successfully exploiting a “critical” vulnerability (CVE-2025-20333), attackers with root privileges can push malicious code onto systems and compromise them. The vulnerability is found in the VPN web server component of Cisco Secure Firewall Adaptive Security Appliance (ASA) software and Cisco Secure Firewall Threat Defense (FTD) software.
After entering certain data, admins will find information on suitable security patches in a warning message. The vulnerabilities have been known since the end of last week.
Videos by heise
Worldwide attacks
Current statistics from Shadowserver show that there are still vulnerable instances all over the world. The USA tops the list with almost 20,000 firewalls. In Germany, almost 2400 instances are still vulnerable at the time of writing. As a result, admins should act immediately and protect their networks from the current attacks by installing security patches.
(des)
