The Cybersecurity and Infrastructure Agency (CISA) has published an Alert confirming that Cisco has released security updates to its firewall platforms. The releases apply to Cisco’s ArcaneDoor zero-day vulnerabilities applicable to Cisco’s Adaptive Security Appliances devices and its Firepower Threat Defense software.

The exploitation of CVE 2024-20353 and CVE-2024-20359 has been confirmed, and the identified vulnerabilities have been added to its Known Exploited Vulnerabilities Catalog.

Cisco “strongly encourages users and administrators to apply the updates, hunt for any malicious activity, report positive findings to CISA,” and review articles previously published on ArcaneDoor.