Cisco Secure Firewall firmware & security update watch

Current status

One high-value Cisco Secure Firewall record is now indexed

Cisco's advisory estate is still broad, but the site now has one public Secure Firewall record because the official source clearly names affected hardware, first fixed ASA and FTD releases, and the operator action Cisco wants customers to take.

Indexed nowCisco's April 2026 persistence-response advisory tied to Secure Firewall ASA and FTD after the CISA ED 25-03 update.

Still not in scopeGeneric Cisco advisories without crisp Secure Firewall version guidance, or filler pages that say Cisco is covered when it is not.

active exploitation response2026-04-23

Cisco Secure Firewall ASA/FTD persistence response after CISA ED 25-03 update

Cisco says affected Secure Firewall ASA and FTD hardware may retain a persistent implant even after upgrading to the September 2025 fixes, so operators should check for compromise, reimage if needed, and move to the listed fixed ASA and FTD releases and hotfixes.

AffectedFirepower 1000/2100/4100/9300 and Secure Firewall 1200/3100/4200 platforms.

Fixed version(s)ASA 9.16.4.92, 9.18.4.135, 9.20.4.30, 9.22.3.5, 9.23.1.195, 9.24.1.155; FTD 7.0.9 + FZ-7.0.9.1-3, 7.2.11 + HI-7.2.11.1-1, 7.4.7, 7.6.4 + CC-7.6.4.1-1, 7.7.11 + AE-7.7.11.1-4.

Official advisory ↗ Cisco security advisories ↗ Cisco Secure Firewall release notes ↗

Editorial rule

What would make a Cisco record worth publishing here

An official Cisco advisory or release reference tied clearly to Secure Firewall, FTD, or FMC.
Affected trains named precisely enough that an operator can decide whether to care.
A fixed version or upgrade target stated explicitly by Cisco.
Enough operator value to beat the current Fortinet and Zyxel firewall lane instead of diluting it.