Cisco published advisories and a supplemental post about three zero-day vulnerabilities, two of which were exploited in the wild by an advanced threat actor associated with the ArcaneDoor campaign.
Update September 25: This FAQ blog has been updated to include a reference to an NCSC report on associated malware linked to this campaign.
Background
Tenable’s Research Special Operations (RSO) team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding newly disclosed zero-day vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software and Firewall Threat Defense (FTD) Software that were exploited.
FAQ
When were these vulnerabilities first disclosed?
On September 25, Cisco published advisories [ 1 , 2 , 3 ] and a supplemental post regarding three zero-day vulnerabilities in Cisco Adaptive Security Appliance (ASA) Software, Firewall Threat Defense (FTD) Software, IOS XE Software, and IOS XR Software.
What are the vulnerabilities that were disclosed?
The following three vulnerabilities were disclosed. Two (CVE-2025-20333, CVE-2025-20362) were exploited in the wild.
| CVE | Description | CVSSv3 | Exploited |
|---|---|---|---|
| CVE-2025-20333 | Cisco AS […] Content was cut in order to protect the source.Please visit the source for the rest of the article. This article has been indexed from Security Boulevard
Read the original article: Post navigation |