CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws

CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now!

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a strong warning regarding critical vulnerabilities in Cisco’s Adaptive Security Appliances (ASA) and Firepower devices, which are essential for network security. These systems are, reportedly, being actively targeted by attackers.

The Two Big Problems

Two specific flaws, tracked as CVE-2025-20362 and CVE-2025-20333, are the main concern. CVE-2025-20362 allows an attacker to bypass the login requirement and access a restricted area of the device. This then enables the second, more dangerous flaw (CVE-2025-20333), which allows the attacker to run their own malicious code as the ‘root’ user, possibly leading to complete control of the affected device.

Reportedly, these two vulnerabilities are being collectively used by attackers in a campaign called ArcaneDoor ...