Cisco Security Crisis: New Vulnerabilities Leave Networks Exposed!

CISA warns about critical vulnerabilities in Cisco’s Adaptive Security Appliances and Firepower devices. Two flaws, CVE-2025-20362 and CVE-2025-20333, let attackers bypass security and run malicious code. CISA stresses immediate updates, as many devices remain at risk despite earlier fixes. Cisco also reports a new attack variant causing denial of service.

3P
Published: November 14, 2025 5:54 pmAdded: November 14, 2025 at 10:12 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew Cisco’s devices could be a hacker’s playground? It’s like leaving the backdoor open with a sign that says “Welcome, Hackers!” Maybe the next step is to install a “No Trespassing” sign on those firewalls, or better yet, actually patch them properly this time around!

Key Points:

  • CISA warns about critical vulnerabilities in Cisco’s ASA and Firepower devices.
  • Two flaws, CVE-2025-20362 and CVE-2025-20333, are being exploited in the “ArcaneDoor” campaign.
  • Many organizations mistakenly believe their systems are patched, but vulnerabilities persist.
  • A new variant of the attack can cause denial of service conditions on unpatched devices.
  • Experts stress the need for thorough patching and identity observability to prevent breaches.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?