Cisco ASA Zero Day Under Active Exploitation CISA Orders Emergency Mitigations RayInitiator and LINE VIPER Detected
Cisco has confirmed active exploitation of multiple vulnerabilities in the VPN/web services of Cisco Secure Firewall (ASA) and FTD. Threat actors chained a missing-authorization flaw with a separate web-service buffer overflow to achieve remote code execution and deploy persistent tooling. Government partners and national CERTs have supported the investigation and issued mitigations; CISA has published Emergency Directive ED 25-03 and added the exploited CVEs to its KEV catalog.