On May 22, 2024, Cisco published its semiannual security advisory bundle, focusing on vulnerabilities in its ASA, FMC, and FTD software. This comprehensive release details six advisories that address critical issues affecting these products. Notably, these advisories include fixes for vulnerabilities involved in the ArcaneDoor attack campaign, specifically identified as CVE-2024-20353, CVE-2024-20358, and CVE-2024-20359. Cisco has proactively provided software updates to mitigate these risks, ensuring enhanced security for its users.
The advisories cover a range of vulnerabilities with varying levels of severity. The most critical issue is the SQL Injection Vulnerability in Cisco Firepower Management Center Software (CVE-2024-20360) with a CVSS score of 8.8. Other notable vulnerabilities include the Inactive-to-Active ACL Bypass in Cisco ASA and FTD Software (CVE-2024-20293) and the Object Group Access Control List Bypass in Cisco FMC Software (CVE-2024-20361), both rated with a medium security impact. Additional vulnerabilities address policy bypass and authorization issues in various Cisco products.
Customers who have already upgraded their platforms as advised in the April 24, 2024 ArcaneDoor Event Response Page need to take no further action. Cisco’s timely updates and detailed advisories underscore its commitment to maintaining robust security across its product line. Users are encouraged to review the advisories and implement the recommended software updates to protect their systems against potential threats.
Reference:
