The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 26-03 today, ordering all federal civilian agencies to patch a critical zero-day vulnerability in Cisco ASA and Firepower firewalls within 48 hours.
The vulnerability, tracked as CVE-2026-1847 with a CVSS score of 10.0, allows unauthenticated remote code execution through crafted SSL VPN packets. CISA confirmed that the flaw is being actively exploited by a state-sponsored threat actor targeting government networks.
Cisco released patches overnight and urged all customers, not just government agencies, to apply them immediately. Organizations unable to patch within the deadline must disconnect affected devices from the network entirely.
