Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days

Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/
Source: Unit 42
Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days

Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign.


Summary: Three vulnerabilities (CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363) affect multiple Cisco products. They are currently being exploited by threat actors associated with the ArcaneDoor campaign, which makes protective measures for affected infrastructure a pressing need.

Detailed Description: The text discusses critical vulnerabilities in Cisco products that are part of ongoing threat activity. Their identification and active exploitation are a reminder for security and compliance professionals to stay vigilant and proactive.

Key Points:
- **Vulnerability Identifications**: The CVEs (Common Vulnerabilities and Exposures) are CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363.
- **Target**: Multiple Cisco products are potentially affected by these vulnerabilities, indicating a wide scope for potential compromise.
- **Exploitation**: These vulnerabilities are currently being exploited by a threat actor linked to the ArcaneDoor campaign, which makes this an active threat.
- **Implications for Infrastructure Security**: Those managing affected Cisco products should prioritize patching and updates to safeguard against exploitation.

This situation underlines the importance of staying informed about vulnerabilities, particularly in network infrastructure, and implementing a robust security posture to mitigate risks associated with such threats. Regular monitoring for CVEs and timely updates can significantly reduce the attack surface for organizations relying on Cisco infrastructure.