Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities (CVE-2024-20353 , CVE-2024-20359 , CVE-2024-20358 ) to take control of an affected system.
Cisco has reported active exploitation of CVE 2024-20353 and CVE-2024-20359 and CISA has added these vulnerabilities to its Known Exploited Vulnerabilities Catalog .
CISA strongly encourages users and administrators to apply the necessary updates, hunt for any malicious activity, report positive findings to CISA, and review the following articles for more information:
Cisco Blog: ArcaneDoor – New espionage-focused campaign found targeting perimeter network devices
Cisco Event Response: Attacks Against Cisco Firewall Platforms