CISA: Firestarter persists on Cisco
- CISA and the U.K.’s NCSC said FIRESTARTER is being used on Cisco ASA and Firepower devices, letting attackers stay in place after patches.
- The key problem is persistence: Cisco says the mechanism can survive upgrades to fixed releases from September 2025, not just reboots.
- That shifts the job from patching to full remediation — especially for internet-facing firewalls already exposed to known exploited bugs.
Firewall malware is usually a race against time. You find the bug, patch the box, and move on. FIRESTARTER breaks that rhythm. CISA and the U.K.’s NCSC say attackers have been using it on Cisco ASA and Firepower devices to keep access even after a victim updates software. Cisco’s own advisory goes further — the persistence mechanism can survive upgrades to the fixed releases published in September 2025. (cisa.gov)

### What is FIRESTARTER, exactly?

It’s a backdoor planted on Cisco security appliances — the same boxes many companies use as edge firewalls or VPN gateways. Once installed, it gives an attacker a way back in without needing to re-exploit the original bug every time. That matters because these devices sit at the network boundary. If an attacker owns the boundary, they often own the path back into everything behind it. (cisa.gov)

### How did attackers get in?

CISA and NCSC tie the activity to exploitation of two Cisco flaws — CVE-2025-20333 and CVE-2025-20362 — in ASA firmware. Those bugs were serious enough that CISA put them in its Known Exploited Vulnerabilities catalog and issued Emergency Directive 25-03 to federal agencies in September 2025. So this is not a hypothetical chain. The initial access route was already live in the wild. (cisa.gov)

### Why is persistence the scary part?

Because patching fixes the door, not the intruder already inside. FIRESTARTER is built to remain active on affected ASA and Firepower Threat Defense systems after patching, which means an organization can do the “right” thing and still stay comp(cisa.gov)ity management. It’s eradication. (cisa.gov)

### What does Cisco want defenders to do?

Cisco says organizations need to identify possible compromise, not just install fixed code. Its advisory points to the April 23, 2026 CISA update to ED 25-03 and says the newly identified persistence mechanism may remain preserved across upgrades to the fixed releases.

In plain English — if the device was already hit, (cisa.gov)teps, and incident-response actions aimed at the malware itself. (sec.cloudapps.cisco.com)

### Why does this matter beyond Cisco?

Because the same week brought two more reminders that “trusted tool” does not mean “safe by default.” A critical Gemini CLI issue let untrusted workspaces in headless environments create a path to host code execution and supply-chain abuse; patched versi(sec.cloudapps.cisco.com)tributing a trojanized installer from April 8, 2026, using a valid developer certificate to hide the tampering. (github.com)

### Why group these stories together?

Because they all hit the same weak assumption — that an update, a signed installer, or a familiar admin tool is enough to restore trust. Turns out trust is now the thing under attack. In the Daemon Tools case, Kaspersky said second-stage payloads were selectively delivered and victims included manufacturing and government targets. (github.com)orkflows, where tools often run with broad permissions and little human review. (industrialcyber.co)

### So what’s the bottom line?

If a Cisco firewall was exposed to those 2025 bugs, patching is only step one. The real question is whether the box was already modified — and whether you can prove it is clean now. That is the shift in this story. Security teams are being told to stop treating persistence as an edge case and start treating it as the default failure mode for high-value infrastructure. (cisa.gov)