Cisco Firewalls Facing Another Huge Surge of Attacks

Cisco Firewalls Facing Another Huge Surge of Attacks

Cisco firewalls are facing another huge surge of attacks, and businesses worldwide are now scrambling for answers. Threat actors are exploiting new zero-day vulnerabilities affecting Cisco ASA 5500-X and Secure Firewall devices, allowing remote access, malware deployment, and even forced reboots. These updated attack techniques—linked to the ArcaneDoor campaign—are becoming harder to detect as attackers refine their stealth methods. Here’s what’s happening and how to stay protected. Image credit: Shutterstock / Ken Wolter Why Cisco Firewalls Are Facing Another Huge Surge of Attacks Cisco confirmed that attackers are abusing two critical zero-day flaws, CVE-2025-20333 and CVE-2025-20362. These allow hackers to execute malicious code, disable logs, tamper with firmware, and maintain persistent access. Because the new variant updates old methods instead of introducing new malware, many organizations may not even notice ongoing breaches. How Are Attackers Targeting Cisco Firewalls? The campaig…