2025-036: Critical Vulnerabilities in Cisco ASA and FTD

On 25 September 2025 Cisco published advisories for three vulnerabilities affecting ASA, FTD and some IOS platforms — two are critical remote code execution flaws (CVSS 9.9 and 9.0) and one allows unauthenticated URL access. Cisco reports attempted and observed exploitation in the wild, links the activity to the ArcaneDoor campaign, and advises running compromise assessments on internet-facing devices and applying patches or mitigations immediately.