Actor

UAT-4356

1 brief RSS

UAT-4356 FIRESTARTER Backdoor Targeting Cisco Firepower Devices

UAT-4356 is actively targeting Cisco Firepower devices running FXOS, exploiting CVE-2025-20333 and CVE-2025-20362 to deploy the FIRESTARTER backdoor which allows remote access and control by injecting malicious shellcode into the LINA process.

Firepower eXtensible Operating System +2 UAT-4356 firestarter cisco backdoor network espionage

2r 2t 2c 2i 1w ago