The Canadian Centre for Cyber Security (Cyber Centre), a part of the Communications Security Establishment Canada (CSE), is urging Canadian organizations to take immediate action to protect themselves in response to a serious new cyber security threat identified today by Cisco: Cisco Event Response: Continued Attacks Against Cisco Firewalls. This threat affects end-of-life Cisco ASA devices.
Timing is crucial when vulnerabilities like these are identified. We strongly recommend network defenders bolster their defences based on our latest alert and advisory, and apply appropriate patches immediately.
- Read the Cyber Centre's alert on this threat: AL25-012 - Vulnerabilities impacting Cisco ASA and FTD devices – CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363
- Read the Cyber Center's advisory on this threat: Cisco security advisory (AV25-619)
This threat activity uses advanced techniques to avoid detection, making it difficult to identify through conventional means. If you believe your organization may be affected, please call us 1-833-CYBER-88 or email contact@cyber.gc.ca as soon as possible.
Quotes
"This is a critical moment for Canadian organizations. Threat actors are targeting legacy systems with increasing sophistication. I urge all critical infrastructure sectors to act swiftly. The Cyber Centre stands ready to assist. Early action is the best defence to protect your systems and safeguard your information."
- Rajiv Gupta, Head of the Canadian Centre for Cyber Security
Background
The Cyber Centre is aware of cyber threat activity against Cisco ASA 5500-X Series devices involving the deployment of highly sophisticated malware, targeting global organizations. These types of devices are commonly used by organizations across Canada.
Expert teams at the Cyber Centre are actively investigating the vulnerability’s scope and have initiated outreach to support stakeholders and coordinate a unified response.
Together, through vigilance and collective action, we can continue to strengthen Canada’s cyber resilience from coast to coast to coast.
For more information on vulnerabilities, please visit the Cyber Centre’s Alerts and advisories page.
For best practices, please visit the Cyber Centre’s Guidance page.