The ArcaneDoor vulnerabilities are part of a state-sponsored campaign targeting perimeter network devices from multiple vendors; these particular vulnerabilities were discovered during a Cisco customer’s incident response activities. While the initial access vector of this campaign was not determined, the resulting analysis yielded the discovery of two vulnerabilities impacting Cisco Adaptive Security Appliances (ASA): CVE-2024-20353, a remote denial of service vulnerability, and CVE-2024-20359, an arbitrary code execution vulnerability that requires local administrator access.
See the resource center.
Feedback
0 comments
Please sign in to leave a comment.