Without visibility, there is no security.
On September 25, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-03, a stark reminder that when critical vulnerabilities emerge in your IT infrastructure, the race isn't just about patching. It's about knowing what you have to patch, where it's deployed, and what versions are running.
The directive required federal agencies to immediately identify and mitigate potential compromise of Cisco networking devices following the discovery of CVE-2025-20333 and CVE-2025-20362. The Record from Recorded Future News reported that federal agencies were given just one day to account for all affected devices, scan them for compromise, collect forensic data, and apply critical updates.
One day.
For organizations without complete visibility into their IT infrastructure, this deadline would be nearly impossible to meet.
While ED-25-03 applies specifically to federal agencies, the lesson extends to every organization running complex IT environments. When sophisticated threat actors exploit zero-day vulnerabilities, the first question isn't "how do we patch?" It's "what do we have that needs patching?"
The biggest challenge isn't patching. It's knowing what you have.
The Real Problem: Visibility Gaps Across Your Entire IT Estate
The Cisco emergency directive spotlighted a vulnerability crisis in network infrastructure. But here's what keeps CIOs and IT leaders up at night: this isn't just a Cisco problem. It's not just a network device problem. It's a complete IT visibility problem.
Recent data from Block 64's analysis of over 200,000 endpoints across hundreds of North American organizations reveals the alarming scope of the visibility crisis:
74% of endpoints are exposed to at least one critical vulnerability with a CVSS score above 9.0. This means nearly three-quarters of all devices in mid-market organizations are running software with security flaws severe enough to enable remote code execution, data breaches, or system compromise.
When Block 64 analyzed specific critical exposures, they found thousands of installations of legacy software across essential business tools:
- 16% of endpoints using outdated Chrome or Edge browsers susceptible to buffer overflow attacks (patches released in November 2022)
- 1,900 PowerShell installations exposed to a 9.8 CVSS severity vulnerability
- 100% of customers surveyed using Docker running behind on critical security updates
- More than 1,600 legacy VLC installations vulnerable to out-of-bounds write exploits
These aren't exotic edge cases. These are the everyday business applications your teams depend on—browsers, development tools, media players—all invisibly exposing your organization to critical risk.
And it gets worse. Organizations lack visibility into more than just vulnerabilities. When Block 64 examined IT asset management practices, they discovered:
- 44% of hardware devices are out of warranty, with 100% of businesses running at least one unsupported device
- 37% of organizations running unsupported SQL servers, with another 44% of organizations running versions in extended support
- 52% operating end of life Windows servers, creating massive compliance and security exposures
The pattern is clear: most organizations simply don't know what they have, where it's deployed, what versions are running, or what's vulnerable.
This is the visibility gap that makes emergency directives like ED-25-03 so devastating. Whether it's Cisco network devices, Windows servers, SaaS applications, or cloud workloads, if you can't see it, you can't secure it.
And you certainly can't patch it in 24 hours.
Why Network Visibility Is Just the Beginning
Let's return to the Cisco case for a moment, because it illustrates a broader principle that applies across your entire IT estate.
Common problems organizations face with network infrastructure mirror the challenges across all IT assets:
No up-to-date inventory of critical infrastructure. Spreadsheets become outdated the moment they're created. Manual tracking can't keep pace with infrastructure changes, whether it's network devices, server deployments, or SaaS subscriptions.
Legacy versions running unpatched. Without automated version tracking across your entire IT environment—from network appliances to database servers to endpoint applications—older systems run vulnerable software indefinitely, invisible to security teams until an audit or incident forces discovery.
Weak or unmanaged configurations. Whether it's SNMP on network devices, admin credentials on servers, or overprivileged accounts in cloud environments, configuration sprawl creates security gaps that most organizations don't even know exist.
Without an accurate, real-time inventory spanning network devices, servers, endpoints, SaaS applications, and cloud workloads, compliance with any emergency directive, whether it's ED-25-03 or the next critical vulnerability, becomes a scramble rather than a response.
This is where most management approaches fail IT leaders. Traditional ITAM suites are slow to deploy and bloated with features you don't need. SaaS management platforms can't see on-premises infrastructure. Cloud-only tools miss everything that isn't in AWS or Azure. Network monitoring tools don't track software. And manual processes? They're prone to error, time-consuming, and completely lack the real-time intelligence needed to respond at the speed of modern threats.
How SNMP Inventory Solves Network Visibility Challenges
Within the broader visibility challenge, Simple Network Management Protocol (SNMP), provides a critical capability for network infrastructure discovery and monitoring.
SNMP queries reveal exactly what security teams need to respond to directives like ED-25-03:
- Manufacturer, model, and serial number for every network device
- Operating system and exact software version to correlate with CVE databases
- Installed hardware modules and components for comprehensive risk assessment
This level of detail enables rapid prioritization: Which devices need immediate patching? Which should be isolated from the network? Which are so outdated they should be retired?
Most importantly, SNMP inventory answers the question that stumped many organizations during ED-25-03: "Do we even have affected devices?"
But here's the critical insight: SNMP inventory for network devices is just one piece of the puzzle.
You need the same level of visibility across your servers, endpoints, applications, SaaS subscriptions, cloud resources, and entitlements. That's where a unified IT visibility platform, like Block 64, becomes essential.
Block 64 makes it easy for users by helping gather a comprehensive inventory of their IT assets. Upon discovering an asset in the customer’s environment, Block 64 begin to report back on it. A list of all discovered devices is usually the first step.
Users can easily see a list of their installed software, where it is running and its version.
This data can be correlated to third party sources to help determine if their products are unsupported or vulnerable to any known vulnerabilities. Block 64’s Software Library contains publicly available information on supportability timelines for software we have discovered. This makes it easy of users to see their unsupported products and affords them time to address products with upcoming end of life events.
Discovered software is also compared to the National Vulnerabilities database to determine if there are known software vulnerabilities. These can be used to inform patching decisions.
Why This Matters to Your Organization
The Cisco ED-25-03 case demonstrates that attacks on critical IT infrastructure aren't slowing down. Nation-state actors and sophisticated cybercriminals continue to target the foundational technologies that keep businesses running: network devices, servers, applications, and cloud services.
Emergency directives will keep coming. The next one might target VMware ESXi hosts. Or Microsoft Exchange servers. Or specific cloud services your organization depends on. The question isn't if there will be another critical vulnerability requiring immediate response. The question is: will you know what you have when that day comes?
IT leaders face real constraints.
You're managing hybrid environments without enterprise-sized budgets or staff. You need to optimize spend, reduce risk, and demonstrate value to leadership—often simultaneously. Manual processes and siloed tools can't keep up with the complexity of modern licensing, the pace of security threats, or the expectations of your CFO and board.
---
See How Block 64 Can Help Your Team
Don't wait for the next critical vulnerability to expose gaps in your IT visibility. See how Block 64 can help your team identify, assess, and protect your entire IT infrastructure—from Cisco devices to cloud workloads, from SaaS subscriptions to on-premises servers.
Get your first insight in 15 minutes. Schedule a demo to see how Block 64 delivers complete visibility without enterprise complexity.
---
This article was written in collaboration with Jaime Mercado, a Customer Success Specialist at Block 64, where he helps organizations strengthen their IT asset management, compliance, and security posture. With a background in IT infrastructure, vulnerability management, and endpoint security, he’s dedicated to helping teams simplify complex technical challenges and turn insights into measurable results.