The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 24-01 in response to observed widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances by malicious cyber threat actors. This Emergency Directive directs all federal civilian agencies to immediately take specific actions and implement vendor mitigation guidance to these Ivanti appliances. While only binding on Federal Civilian Executive Branch agencies, CISA urges all organizations using these products to urgently implement the mitigations outlined in this Directive.
Read More: Fortanix Data Security Manager SaaS Now Available in AWS Marketplace
Last week, Ivanti released information regarding two vulnerabilities, CVE-2023-46805 and CVE-2024-21887, that allow an attacker to move laterally across a target network, perform data exfiltration, and establish persistent system access. CISA has determined an Emergency Directive is necessary based on the widespread exploitation of these vulnerabilities by multiple threat actors, prevalence of the affected products in the federal enterprise, high potential for compromise of agency information systems, and potential impact of a successful compromise.
“The vulnerabilities in these products pose significant, unacceptable risks to the security of the federal civilian enterprise. As America’s cyber defense agency and the operational lead for federal civilian cybersecurity, we must take urgent action to reduce risks to the federal systems upon which Americans depend,” said CISA Director Jen Easterly. “Even as federal agencies take urgent action in response to this Directive, we know that these risks extend to every organization and sector using these products. We strongly urge all organizations to adopt the actions outlined in this Directive.”
Read More: Uptycs is named a Notable Vendor in Leading Analyst Firm’s Cloud Workload Security Report
As federal civilian agencies implement this mandate, CISA will assess and support agency adherence and provide additional resources as required. CISA is committed to using its cybersecurity authorities to gain greater visibility and drive timely risk reduction across federal civilian agencies.
[To share your insights with us, please write to sghosh@martechseries.com]