On Friday, the Australian Signals Directorate (ASD) have become aware of a new malware affecting some Cisco products in the Firepower and Secure Firewall products. This is classified as a medium threat with a score of 6.5 and bypasses the authentication process due to the devices improper validation user supplied inputs.
The resolution is thankfully simple, Update the software on your devices (to version 9.12/9.14) and restart your units during a low impact period, preferably during a scheduled outage as soon as possible. BribieIsland-IT security team note that if standard business practices are followed, the risk of this threat is minimal; Run updates on your systems and devices on a regular schedule during mandatory maintenance periods.
More information can be found here:
https://www.cve.org/CVERecord?id=CVE-2025-20362
Image icon used with permission with thanks: Icon by 365psd.com on FreeImages