Cisco has patched two vulnerabilities in its firewall.

Cisco patched two firewall vulnerabilities exploited in the China-linked ArcaneDoor espionage campaign targeting government organizations. Attackers used zero-days to deploy malware, disable logging, and tamper with device ROMs for persistence. The compromised devices lacked Secure Boot and Trust Anchor, making them vulnerable to deep system manipulation.

Read more:

https://www.securityweek.com/cisco-firewall-zero-days-exploited-in-china-linked-arcanedoor-attacks/