The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Friday urging agencies to mitigate vulnerabilities in Ivanti Connect Secure VPN devices and its Policy Secure tools.
The directive also requires federal agencies to remove compromised products from agency networks and report any indications of compromise to CISA.