Tag

#cisco

2 posts tagged #cisco.

Analysis · May 11, 2026 · The Commentary Desk

Cisco is now telling you the patch doesn't clean the box

Cisco's April 23 PSIRT advisory says the ArcaneDoor implant survives upgrading to the September 2025 fixes for CVE-2025-20333 and CVE-2025-20362. Reimage, do not patch.
Analysis · May 5, 2026 · The Field Notes Desk

Your firewall management console was the breach. Cisco FMC CVE-2026-20131.

CVSS 10.0 unauthenticated RCE in Cisco FMC was exploited as a zero-day for 36 days. Here's what the upgrade actually looks like.