Cyber Alert: Malware Targeting Through Cisco Systems

Attention HIROC Subscribers:

As your proactive partner in safety, HIROC is sharing the following important notice.

Please share this Alert with your Information Technology (IT) team, Information Security Management team, Chief Information Officer, Chief Technology Officer and as appropriate with your users, to raise awareness about a potential cyber threat and to address potential risks promptly.

This Cyber Alert stems from a notification sent by the Canadian Centre for Cyber Security (Cyber Centre) on September 25, 2025. The notice highlights the following, “Urging Canadian organizations to take immediate action to protect themselves in response to a serious new cyber security threat identified by Cisco. This threat affects end-of-life Cisco ASA devices.”

We at HIROC want to raise awareness of a serious new cybersecurity threat that is being actively exploited worldwide. Cisco published security advisories regarding critical vulnerabilities—CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363—affecting Cisco Adaptive Security Appliance (ASA) software and Cisco Secure Firewall Threat Defense (FTD) software.

“Timing is crucial when vulnerabilities like these are identified. We strongly recommend network defenders bolster their defences based on our latest alert and advisory, and apply appropriate patches immediately.” Statement from the Canadian Centre for Cyber Security on malware targeting global organizations through Cisco Systems, September 25, 2025 

HIROC strongly encourages IT administrators and technology leaders to review the alerts from the Canadian Centre for Cyber Security (CCCS) and Cisco and apply necessary mitigation strategies based on your exposures.  

• Review the following resources from the Canadian Centre for Cyber Security:
  • Alert - AL25-012 - Vulnerabilities impacting Cisco ASA and FTD devices – CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363
  • Advisory -                                                                                                                                        Cisco security advisory (AV25-619)
• Review all associated alerts issued by Cisco:
  • Critical - Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability
  • Critical - Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability
  • Medium - Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability

Additionally, work with your information security team and relevant vendor(s) to identify potential active exploitation of this vulnerability in your environment. If you suspect a breach, please contact HIROC via the contact information provided below right away. We are here for you!

In the event of a cyber loss, please contact HIROC’s Claims Department at [email protected].

For Healthcare Safety and Risk Management resources and advice, please contact us at [email protected]. 

If you have any questions about this Alert, please contact Kopiha Nathan, HIROC’s Privacy and Compliance Officer at [email protected].

Thank you for your vigilance and attention to this matter.