Cisco ASA and FTD: Critical Vulnerabilities Exploited in the Wild
On September 25, 2025, Cisco released several security advisories addressing 3 vulnerabilities, 2 of which are critical. Cisco warns that some of those vulnerabilities are exploited in the wild. Cisco assesses with high confidence that this new activity is related to the same threat actor as the ArcaneDoor attack campaign that Cisco reported in early 2024.
On September 25, 2025, Cisco released several security advisories addressing 3 vulnerabilities, 2 of which are critical. Cisco warns that some of those vulnerabilities are exploited in the wild.
Cisco assesses with high confidence that this new activity is related to the same threat actor as the ArcaneDoor attack campaign that Cisco reported in early 2024.
It is recommended running compromise assessment on Internet facing vulnerable devices, and update as soon as possible.