CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor | allinfosecnews.com

April 26, 2024, 12:17 a.m. | Satnam Narang

Cyber Exposure Alerts www.tenable.com

Frequently asked questions about CVE-2024-20353 and CVE-2024-20359, two vulnerabilities associated with “ArcaneDoor,” the espionage-related campaign targeting Cisco Adaptive Security Appliances.

Background

The Tenable Security Response Team has compiled this blog to answer Frequently Asked Questions (FAQ) regarding an espionage campaign called ArcaneDoor.

FAQ

What is ArcaneDoor?

ArcaneDoor is the name given to an espionage-focused campaign disclosed by researchers at Cisco Talos on April 24. The campaign involves a reported state-sponsored actor who has been targeting vulnerable network devices including Cisco’s …

adaptive security arcanedoor blog called campaign cisco cve cve-2024 espionage faq name questions researchers response security targeting team tenable vulnerabilities

More from www.tenable.com / Cyber Exposure Alerts

Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040) 4 days, 4 hours ago | www.tenable.com

addresses critical critical vulnerability cve +15

CVE-2024-21793, CVE-2024-26026: Proof of Concept Available for F5 BIG-IP Next Central Manager Vulnerabilities 1 week, 2 days ago | www.tenable.com

big big-ip big-ip next central manager centralized management +18

CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor 3 weeks, 1 day ago | www.tenable.com

adaptive security arcanedoor blog called +15

CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited 3 weeks, 4 days ago | www.tenable.com

advisory april crushftp customers +23

Oracle April 2024 Critical Patch Update Addresses 239 CVEs 1 month ago | www.tenable.com

addresses april cpu critical +12

CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild 1 month ago | www.tenable.com

alto april attacks command +25

Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) 1 month, 1 week ago | www.tenable.com

addresses april critical critical vulnerabilities +13

Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils 1 month, 2 weeks ago | www.tenable.com

CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability 2 months ago | www.tenable.com

address advisory arbitrary code attacker +20

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368

@ Allen Integrated Solutions | Chantilly, Virginia, United States

View on infosec-jobs.com

Consultant Sécurité SI H/F Gouvernance - Risques - Conformité

@ Hifield | Sèvres, France

View on infosec-jobs.com

Infrastructure Consultant

@ Telefonica Tech | Belfast, United Kingdom

View on infosec-jobs.com