CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

In a swift response to major security concerns, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Friday. Recommended actions target Federal Civilian Executive Branch (FCEB) agencies, urging them to activate mitigations against two currently exploited zero-day vulnerabilities within products from tech company Ivanti – specifically, their Connect Secure (ICS) and Policy Secure (IPS) software. The issue at hand involves an alarming capability of authentication bypass, signifying a significant vulnerability within these Ivanti products.

Published: Sat, 20 Jan 2024 10:01:00 +0530