CISA Directs Federal Agencies to Mitigate Ivanti Software Vulnerabilities

CISA has detected ‘widespread and active exploitation of vulnerabilities’ in Ivanti Connect Secure VPN.
CISA Directs Federal Agencies to Mitigate Ivanti Software Vulnerabilities
The Ivanti logo and cyber binary codes are seen in this illustration on April 20, 2021. Dado Ruvic/Reuters
Aldgra Fredly
Updated:
0:00

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Friday urging agencies to mitigate vulnerabilities in Ivanti Connect Secure VPN devices and its Policy Secure tools.

The directive also requires federal agencies to remove compromised products from agency networks and report any indications of compromise to CISA.