CISA Releases Latest ICS Advisories
The Cybersecurity and Infrastructure Security Agency (CISA) recently released 16 Industrial Control Systems (ICS) advisories with information about current security issues, vulnerabilities, and exploits. The most recent batch included:
CISA also partnered with Cisco to announce security updates to address ArcaneDoor — an exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software:
More specifically, the update addressed how threat actors could exploit vulnerabilities (CVE-2024-20353, CVE-2024-20359, CVE-2024-20358) to take control of an affected system. Cisco also reported active exploitation of CVE 2024-20353 and CVE-2024-20359 and CISA has added these vulnerabilities to its Known Exploited Vulnerabilities Catalog.