Consumer Rights Wiki - User contributions [en]

Cisco Requiring a service contract to download in-support device firmware

2026-04-14T01:32:30Z

Dperrigo: Added Backround Section

{{IncidentCargo
|Company=Cisco Systems Inc.
|Status=Active
|ArticleType=Product
|Type=Right to Repair, Ownership, Anti-consumer Behavior
|Description=Cisco requires a service contract and account to download currently supported services and devices.
|StartDate=11-02-2013}}

Some Cisco products such as the Cisco ISR 1000 series require an active service contract from Cisco to download any files such as firmware, software, patches, etc. This makes updating devices to their latest respective versions increasingly harder, as you are [[Forced account|required to sign in]] to an account and pay a subscription fee just to update components of the device that you already own. "To Download this software, you must have a valid service contract associated to your Cisco.com profile"<ref>{{Cite web |date=2026-02-25 |title=Cisco 1000 Series Integrated Services Routers download page showing "Service Contract Required" |url=https://www.cisco.com/c/en/us/support/routers/1000-series-integrated-services-routers-isr/series.html#~tab-downloads |url-status=live |archive-url=https://web.archive.org/web/20250831232702/https://www.cisco.com/c/en/us/support/routers/1000-series-integrated-services-routers-isr/series.html#~tab-downloads |archive-date=2025-08-31 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

==Background==
The earliest occurrence of this practice is from a Cisco forum post from user Elrick Landon reaching out for assistance to update his Cisco 2821<ref name=":0">{{Cite web |last=Landon |first=Elrick |date=11-02-2013 |title=Why i can't download IOS => "Service contract required" ???!!! |url=https://community.cisco.com/t5/cisco-bug-discussions/why-i-can-t-download-ios-gt-quot-service-contract-required-quot/td-p/2406920 |url-status=live |archive-url=https://web.archive.org/web/20260414010534/https://community.cisco.com/t5/cisco-bug-discussions/why-i-can-t-download-ios-gt-quot-service-contract-required-quot/td-p/2406920 |archive-date=2026-04-13 |access-date=2026-04-13 |website=Cisco Community}}</ref>. A Cisco employee Phillip Remaker responded advising, "Cisco software updates do require a service contract. A service contract also provides phone support, hardware replacement and access to advanced tooling on cisco.com. You can get software updates without a service contract to fix security problems."<ref name=":0" />

While Cisco's security vulnerability policy currently states "All customers, regardless of support contract status, may be eligible to receive reasonable support for security incidents that impact them that involve Cisco products or services."<ref name=":1">{{Cite web |date=2025-09-08 |title=Security Vulnerability Policy |url=https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html |url-status=live |archive-url=https://web.archive.org/web/20260414011316/https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html |archive-date=2026-04-13 |access-date=2026-04-13 |website=Cisco Security}}</ref> they also advise in the same policy that "All aspects of this process are subject to change without notice and on a case-by-case basis. No particular level of response is guaranteed for any specific issue or class of issues."<ref name=":1" />

==References==
{{reflist}}

{{Ph-I-C}}
[[Category:Cisco Systems, Inc.]]

Talk:Cisco Systems, Inc.

2026-03-26T02:22:59Z

Dperrigo: /* Remove the "," from the title. */ new section

== Remove the "," from the title. ==

I believe due to the title having a "," when selecting "Cisco Systems, Inc" for new articles it will split up "Cisco Systems" and "Inc" in certain fields.

This also breaks hyperlinks as "Cisco Systems" is one and "Inc" is another which takes you to a non-existent page. [[User:Dperrigo|Dperrigo]] ([[User talk:Dperrigo|talk]]) 02:22, 26 March 2026 (UTC)

Cisco Requiring a service contract to download in-support device firmware

2026-03-26T02:19:28Z

Dperrigo: Fixed Company

Cisco Requiring a service contract to download in-support device firmware

2026-03-26T02:18:04Z

Dperrigo: Category

{{IncidentCargo
|Company=Cisco Systems, Inc.
|Status=Active
|ArticleType=Product
|Type=Right to Repair, Ownership, Anti-consumer Behavior
|Description=Cisco requires a service contract and account to download currently supported services and devices.
}}Some Cisco products such as the Cisco ISR 1000 series require an active service contract from Cisco to download any files such as firmware, software, patches, etc. This makes updating devices to their latest respective versions increasingly harder, as you are [[Forced account|required to sign in]] to an account and pay a subscription fee just to update components of the device that you already own. "To Download this software, you must have a valid service contract associated to your Cisco.com profile"<ref>{{Cite web |date=2026-02-25 |title=Cisco 1000 Series Integrated Services Routers download page showing "Service Contract Required" |url=https://www.cisco.com/c/en/us/support/routers/1000-series-integrated-services-routers-isr/series.html#~tab-downloads |url-status=live |archive-url=https://web.archive.org/web/20250831232702/https://www.cisco.com/c/en/us/support/routers/1000-series-integrated-services-routers-isr/series.html#~tab-downloads |archive-date=2025-08-31 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

==Background==
{{Ph-I-B}}

==[Incident]==
{{Ph-I-I}}

===[Company]'s response===
{{Ph-I-ComR}}

==Lawsuit==
{{Ph-I-L}}

==Consumer response==
{{Ph-I-ConR}}

==References==
{{reflist}}

{{Ph-I-C}}
[[Category:Cisco Systems, Inc.]]

Cisco Requiring a service contract to download in-support device firmware

2026-03-26T02:17:41Z

Dperrigo: Added Description

Cisco Requiring a service contract to download in-support device firmware

2026-03-26T02:10:45Z

Dperrigo: Created page with "{{IncidentCargo |Company=Cisco Systems, Inc. |Status=Active |ArticleType=Product |Type=Right to Repair, Ownership, Anti-consumer Behavior |Description=Cisco requires a service contract and account to download currently supported services and devices. }} {{Ph-I-Int}} ==Background== {{Ph-I-B}} ==[Incident]== {{Ph-I-I}} ===[Company]'s response=== {{Ph-I-ComR}} ==Lawsuit== {{Ph-I-L}} ==Consumer response== {{Ph-I-ConR}} ==References== {{reflist}}..."

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-26T02:00:40Z

Dperrigo: Added Category

{{IncidentCargo
|Company=Cisco Systems Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref name=":0">{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>
[[File:Cisco_Security_removes_everything_for_discontinued_products.png|thumb|Cisco's Retired Products page with a note explaining that they purposely remove documentation, downloads and product pages from the Cisco.com website "for security purposes"]]
Due to the lack of current updates, end-of-life Cisco devices that are still used in production environments have been targeted with seven year old zero-day exploits.<ref>{{Cite web |date=2025-08-20 |title=FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage |url=https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |url-status=live |archive-url=https://web.archive.org/web/20260208162147/https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |archive-date=2026-02-08 |access-date=2026-03-18 |website=thehackernews}}</ref> Though these exploits have been patched in newer versions there is currently no public way to obtain these updates through Cisco's site.<ref>{{Cite web |date=2018-03-28 |title=Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability |url=https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 |url-status=live |access-date=2026-03-18 |website=Cisco.com}}</ref>
==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}
[[Category:Cisco Systems, Inc.]]

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-26T01:59:11Z

Dperrigo: Added Image

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-26T01:56:31Z

Dperrigo: Changed mind about cargo description

{{IncidentCargo
|Company=Cisco Systems Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref name=":0">{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

Due to the lack of current updates, end-of-life Cisco devices that are still used in production environments have been targeted with seven year old zero-day exploits.<ref>{{Cite web |date=2025-08-20 |title=FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage |url=https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |url-status=live |archive-url=https://web.archive.org/web/20260208162147/https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |archive-date=2026-02-08 |access-date=2026-03-18 |website=thehackernews}}</ref> Though these exploits have been patched in newer versions there is currently no public way to obtain these updates through Cisco's site.<ref>{{Cite web |date=2018-03-28 |title=Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability |url=https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 |url-status=live |access-date=2026-03-18 |website=Cisco.com}}</ref>
==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-26T01:53:52Z

Dperrigo: Removed backround header, attempted to update Cargo Template

{{IncidentCargo
|Company=Cisco Systems Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=As Cisco devices reach end of life all downloads for the affected devices are removed from Cisco's website.<ref name=":0" />
}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref name=":0">{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

Due to the lack of current updates, end-of-life Cisco devices that are still used in production environments have been targeted with seven year old zero-day exploits.<ref>{{Cite web |date=2025-08-20 |title=FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage |url=https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |url-status=live |archive-url=https://web.archive.org/web/20260208162147/https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |archive-date=2026-02-08 |access-date=2026-03-18 |website=thehackernews}}</ref> Though these exploits have been patched in newer versions there is currently no public way to obtain these updates through Cisco's site.<ref>{{Cite web |date=2018-03-28 |title=Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability |url=https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 |url-status=live |access-date=2026-03-18 |website=Cisco.com}}</ref>
==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-19T03:08:37Z

Dperrigo: Added Citations and more details under the Incident section.

{{IncidentCargo
|Company=Cisco Systems, Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}As Cisco devices reach end of life all downloads for the affected devices are removed from Cisco's website.<ref name=":0" />

==Background==
{{Ph-I-B}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref name=":0">{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

Due to the lack of current updates, end-of-life Cisco devices that are still used in production environments have been targeted with seven year old zero-day exploits.<ref>{{Cite web |date=2025-08-20 |title=FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage |url=https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |url-status=live |archive-url=https://web.archive.org/web/20260208162147/https://thehackernews.com/2025/08/fbi-warns-russian-fsb-linked-hackers.html |archive-date=2026-02-08 |access-date=2026-03-18 |website=thehackernews}}</ref> Though these exploits have been patched in newer versions there is currently no public way to obtain these updates through Cisco's site.<ref>{{Cite web |date=2018-03-28 |title=Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability |url=https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2 |url-status=live |access-date=2026-03-18 |website=Cisco.com}}</ref>
==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-19T02:55:05Z

Dperrigo:

{{IncidentCargo
|Company=Cisco Systems, Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}As Cisco devices reach end of life all downloads for the affected devices are removed from Cisco's website.<ref name=":0" />

==Background==
{{Ph-I-B}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref name=":0">{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-19T02:46:32Z

Dperrigo: Reworked Description

{{IncidentCargo
|Company=Cisco Systems, Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}As Cisco devices reach end of life all downloads for the affected devices are removed from Cisco's website.

==Background==
{{Ph-I-B}}

==Removing access to critical downloads for products that are end-of-support==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref>{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-19T02:40:26Z

Dperrigo: Updated the Incident, Consumer Response, and Description section. Also removed non-relevent sections.

{{IncidentCargo
|Company=Cisco Systems, Inc.
|Status=Active
|ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authentication Agent, CSPM Lite Software, Global Roaming Server Software, Policy Administration Point, Policy Decision Point, Policy Enforcement Point, Secure Access Control Server, Secure User Registration Tool, Network Visibility and Segmentation, Identity Services Engine (ISE) 3300 Series Appliances, NAC Appliance (Clean Access), NAC Guest Server, NAC Legacy Software, NAC Manager and Server, NAC Profiler, Secure Access Control System, Secure Network Server (SNS) 3400 Series, Stealthwatch Identity, Trust Agent, VPN and Endpoint Security, 7100 7200 7400 Series VPN Routers, AnyConnect VPN Client, FireRunner, Hostscan, IDS Host Sensors, Intraport VPN Server Software, NAC Appliance 3100 and 3300 Series, Remote Access Security, Scanner, Secure Desktop, Secure Guest Control Server Software, Secure Managed Remote Access, Secure VPN Client, Security Agent, SSL VPN Client, Threat Grid - Appliance, Virtual Network Computing, VPN 3000 and VPN 3002 Client, VPN 3000 and 5000 Series Concentrators/Software, VPN 5000 Client Manager and Concentrator Software, VPN Client, VPN CVC Pro, Security Management Series, ASA Content Security and Control, DDoS Multidevice Management System, DDoS Web-based Management System, Guard DDoS Mitigation Appliances, IPS Manager Express, Multinet, Prime Security Manager, ProtectLink Security, Secure Policy Manager, Security Auditor, Security Monitoring Analysis and Response System, Traffic Anomaly Detectors, Trend Micro ProtectLink, IPS and NGIPS, IDS Sensor Software, IDS Unix Director, Incident Control System, Intrusion Prevention System, IPS 4200 4300 4500 Series Sensors, IPS Device Manager, IPS Threat Response, NetRanger Sensor, Network Traffic Analyst, Sourcefire 3D Sensor, Cloud Email Web Security, Cloud Access Security, Cloud Application Security, Cognitive Threat Analytics, Cyber Threat Defense, IOS Content Filtering, Scan Safe Web Security, SecureX, Spam and Virus Blocker, SSL Appliances, CiscoWorks Products, CiscoWorks Access Control List Manager, CiscoWorks Auto Update Server Software, CiscoWorks Incident Resolution Management, CiscoWorks Management Center for Security Agents, CiscoWorks Management Center for Firewalls, CiscoWorks Management Center for IPS Sensors, CiscoWorks Management Center for VPN Routers, CiscoWorks Monitoring Center for Performance, CiscoWorks Monitoring Center for Security, CiscoWorks Monitoring for Network Admission Control, CiscoWorks Rules Based Correlation, ASA 1000V Cloud Firewall, CiscoWorks Security Information Management Solution, CiscoWorks Security Portal, CiscoWorks VPN Monitor, CiscoWorks VPN/Security Management Solution, CiscoWorks Vulnerability Correlation
|ArticleType=Product
|Type=Ownership, Right to Repair
|Description=Cisco removes all downloads for products that are past their end-of-support date, which leaves no official way to acquire updates.
}}Cisco removes all downloads for products that are past their end-of-support date. This makes it impossible to obtain software or firmware from official sources for your Cisco product.

==Background==
{{Ph-I-B}}

== Removing access to critical downloads for products that are end-of-support ==
Cisco removes all downloads for products that are past their end-of-support date, making it impossible to obtain software or firmware from official sources for your Cisco product. Cisco claims "'''Note:''' For security purposes, upon retirement of a product, Cisco Systems purposely removes documentation, downloads, and product pages from the Cisco.com website, though you may be able to obtain peer support in the Cisco Community."<ref>{{Cite web |date=2026-02-25 |title=Retired Products |url=https://www.cisco.com/c/en/us/support/security/retired.html |url-status=live |archive-url=https://web.archive.org/web/20260222210213/https://www.cisco.com/c/en/us/support/security/retired.html |archive-date=2026-02-22 |access-date=2026-02-25 |website=Cisco Product Support}}</ref>

==Consumer response==

Some consumers consider Cisco's actions to be [[security through obscurity]]. If you, a consumer, have obtained obsolete Cisco hardware and wish to utilize it in a working environment, Cisco has deliberately made it harder to update your device to shield against security issues, or add features.

==References==
{{reflist}}

{{Ph-I-C}}

Cisco Removing access to critical downloads for products that are end-of-support

2026-03-19T02:28:37Z

Dperrigo: Created page with "{{IncidentCargo |Company=Cisco Systems, Inc. |Status=Active |ProductLine=ASA Next-Generation Firewall Services, Centri Firewall, Compatible IntraGuard Firewall Series, ISA500 Integrated Security Appliances, PIX 500 Series Security Appliances, PIX Device Manager, PIX Firewall Software, SA500 Security Appliances, Secure Firewall Cloud Native, Sourcefire Defense Center, Sourcefire Virtual Defense Center, Access Control and Policy, Administrative Policy Engine, Authenticatio..."