CISA Issues V1 Emergency Directive on Cisco Device Compromise

CISA updated Emergency Directive 25-03 with new required actions and an additional reporting requirement for federal agencies running affected Cisco products.

Tags: cisa, cybersecurity, cisco, united states, emergency directive

CISA issued V1 of Emergency Directive 25-03, titled "Identify and Mitigate Potential Compromise of Cisco Devices," superseding the original ED 25-03 required actions. The directive applies to any federal agency running affected Cisco products and includes updated required actions as well as a new reporting requirement.

What Changed

V1 expands on the original ED 25-03 requirements with new mandatory steps for agencies. The exact technical actions are detailed in the directive document, but the key operational change is the addition of an explicit reporting obligation beyond the initial identification and mitigation steps. Agencies must now report findings to CISA as part of the compliance cycle.

Who Is Affected

All U.S. federal civilian executive branch agencies that operate affected Cisco devices are subject to this directive. While the order is binding only on federal agencies, the underlying vulnerability or compromise campaign may have broader implications for any organisation using the same Cisco products, including enterprises and service providers in India, UAE, and South Asia. Operators outside the U.S. should assess their own Cisco deployments against the indicators described in the directive.

Compliance Timeline

V1 takes effect immediately upon publication. Agencies must implement the updated required actions without delay. The reporting requirement must be fulfilled as specified in the directive. No grace period or phased rollout is indicated.

Operational Impact

Compliance teams running Cisco devices should review the full text of ED 25-03 V1, available at the CISA website, to identify the specific actions and technical indicators. For Indian, UAE, and South Asian operators not directly bound by CISA directives, this is a strong signal to proactively scan for signs of compromise on Cisco infrastructure and align with the mitigation steps. Monitor CISA for any further updates or threat intelligence related to this campaign.


Source: V1: ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices
Domain: cisa.gov
