Thursday, April 25th, 2024
Threat Report – Zero-Day Vulnerabilities Discovered in Cisco ASA and FTD – April 2024
Threat Reports are created by Smarttech247 based on high and critical severity vulnerabilities that have a high potential to be exploited in the wild, i.e. vulnerabilities present in products widely used by companies that either have no auto-update option or are usually not updated automatically because doing so could cause service disruption. This report is usually created as soon as the vulnerability is released; we therefore strongly recommend that the information is reviewed, tests are performed and patches are applied before the first proof-of-concept is released.
Even though certain vulnerabilities may not have an active exploit in the wild at the time we report on them, we take into consideration the wider risk and the impact it could have on systems should such an exploit become available later. Our duty is to report them on time, and we recommend that enterprises, in order to keep critical business systems protected, allow on average ten working days to check whether the new vulnerability affects them and, if so, to implement actions to remove the risk.
Overview
Three vulnerabilities have been discovered in Cisco ASA and FTD.
The cybercriminals, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, initiated their attack on vulnerable edge devices in November 2023 as part of a cyber-espionage campaign named ArcaneDoor. Although Cisco hasn’t determined the initial attack vector, it has addressed and patched two vulnerabilities that were leveraged as zero-days in these attacks: CVE-2024-20353, causing denial of service, and CVE-2024-20359, allowing persistent local code execution. Cisco first became aware of the ArcaneDoor campaign in January 2024 and discovered evidence suggesting the attackers had been developing and testing exploits for these zero-days since at least July 2023.
RISK
Government:
- Large and medium government entities: High
- Small government entities: High
Businesses:
- Large and medium business entities: High
- Small business entities: High
For more information see the full report: