CISA warns about two critical vulnerabilities in Cisco Secure Firewall products exploited in the China-linked ArcaneDoor espionage campaign. Immediate patching and assessment are required to prevent malware deployment, data exfiltration, and potential denial-of-service attacks. #CiscoSecureFirewall #ArcaneDoor
Keypoints
- The vulnerabilities CVE-2025-20333 and CVE-2025-20362 affect Cisco Secure Firewall ASA and FTD software.
- Threat actors exploited these zero-days to deploy malware and access sensitive data.
- Cisco released patches on September 25, but some agencies failed to update their devices properly.
- CISA issued emergency directives urging immediate identification and patching of vulnerable systems.
- Some federal devices remain unpatched, increasing risk of ongoing cyber attacks and DoS incidents.