Health-ISAC is distributing this bulletin to increase your situational awareness.
On April 24, 2024, Cisco released security advisories regarding the abuse of vulnerabilities
(CVE-2024-20353 and CVE-2024-20359) identified in campaigns targeting Cisco Adaptive Security
Appliance (ASA) and Firepower Threat Defense (FTD) software. The malicious activity, dubbed
ArcaneDoor, is an operation enacted by state-sponsored threat actors targeting perimeter network devices
from multiple vendors. The threat actors intentions behind the operation are likely to pivot into
organizations, reroute or modify traffic, and monitor network communications after exploiting affected
perimeter network devices.
PDF version
TLP-WHITE-b43da293-Vulnerabilities-Observed-in-Exploit-Campaign-Affecting-Cisco-ASA-and-FTD-Soft