Vulnerabilities Observed in Exploit Campaign Affecting Cisco ASA and FTD Software
Health-ISAC is distributing this bulletin to increase your situational awareness.
On April 24, 2024, Cisco released security advisories regarding the abuse of vulnerabilities
(CVE-2024-20353 and CVE-2024-20359) identified in campaigns targeting Cisco Adaptive Security
Appliance (ASA) and Firepower Threat Defense (FTD) software. The malicious activity, dubbed
ArcaneDoor, is an operation enacted by state-sponsored threat actors targeting perimeter network devices
from multiple vendors. The threat actors intentions behind the operation are likely to pivot into
organizations, reroute or modify traffic, and monitor network communications after exploiting affected
perimeter network devices.
- Related Resources & News
- Healthcare Heartbeat 2024 Q4
- Health-ISAC Hacking Healthcare 2-19-2025
- Podcast: Reflecting on the Change Healthcare cyberattack
- Senate Confirms Trump Pick RFK Jr. to Lead HHS
- The Alarming Backdoor Hiding in 2 Chinese Patient Monitors
- Health-ISAC 2025 Health Sector Cyber Threat Landscape
- How Health Systems Manage Security in the Cloud
- Change Healthcare Attack a Wake-up Call for the Industry
- Five High-Impact Cyberattacks Healthcare Industry Should Avoid in 2025
- Health-ISAC Hacking Healthcare 2-11-2025