As you may be aware, the Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to identify and mitigate recently discovered Cisco zero-day vulnerabilities.

https://www.cisa.gov/news-events/news/cisa-issues-emergency-directive-requiring-federal-agencies-identify-and-mitigate-cisco-zero-day

We would like to inform you that Squirrel Compliancy Solutions has completed the necessary Common Vulnerabilities and Exposures (CVEs) related to this directive. These updates are now available for download on the Squirrel Support Portal.

For your convenience, please find below the links to the CVEs as provided by Cisco:

• CVE-2025-20333 Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

• CVE-2025-20362 Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW

In addition to the above CVEs, we are also releasing coverage for:

• CVE-2025-20352 Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte

Please note that to use these rules, your system must be running Squirrel Defender version 2.3.MR0.1.0.0.G. The required patch is also available on the Support Portal.

If you require any assistance with patching or accessing the updates, please open a support ticket through the portal, and our team will be happy to help.