Federal agencies are required to urgently patch critical vulnerabilities CVE-2025-30333 and CVE-2025-20362 in Cisco ASA firewalls to prevent exploitation by sophisticated threat actors. The ongoing campaign, linked to state-sponsored hackers, has targeted large organizations worldwide, emphasizing the need for immediate action. #CVE-2025-30333 #ArcaneDoor
Keypoints
- Federal agencies must implement emergency patches for Cisco ASA vulnerabilities by Friday evening.
- The vulnerabilities have high severity scores and are exploited using chained attacks by advanced hackers.
- Cisco identified ongoing sophisticated campaigns, including the ArcaneDoor operation, possibly linked to Chinese state actors.
- Affected devices include legacy Cisco ASA Series platforms with some nearing end-of-support dates.
- Cisco recommends resetting devices to factory defaults and reconfiguring security credentials after updates.
Read More: https://therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning