Cisco has issued emergency patches for two critical firewall vulnerabilities exploited in attacks linked to the ArcaneDoor espionage campaign. These flaws allowed hackers to deploy malware, execute commands, and exfiltrate data from affected devices, prompting urgent updates and investigations. #ArcaneDoor #CVE202520333
Key points
- Cisco released urgent patches for two firewall vulnerabilities exploited in cyber-espionage attacks.
- The vulnerabilities affect Cisco Secure Firewall ASA and FTD software and carry CVSS scores of 9.9 (critical) and 6.5 (medium).
- The attacks, associated with the ArcaneDoor campaign, used zero-days to compromise devices and deploy malware.
- Exploiting the critical-severity vulnerability required VPN user credentials; exploiting the medium-severity one did not.
- Organizations are advised to update devices immediately, rotate passwords, and review configurations for signs of compromise.
Read More: https://www.securityweek.com/cisco-firewall-zero-days-exploited-in-china-linked-arcanedoor-attacks/