| The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 24-01 that requires Federal Civilian Executive Branch (FCEB) agencies to implement vendor published mitigation guidance immediately to Ivanti Connect Secure and Ivanti Policy Secure solutions to prevent future exploitation and to run the vendor’s Integrity Checker Tool to identify any active or past compromise. |
| Last week, Ivanti released information regarding two vulnerabilities, CVE-2023-46805 and CVE-2024-21887 , that allow an attacker to move laterally across a target network, perform data exfiltration, and establish persistent system access. CISA has determined an Emergency Directive is necessary based on the widespread exploitation of these vulnerabilities by multiple threat actors, prevalence of the affected products in the federal enterprise, high potential for compromise of agency information systems, and potential impact of a successful compromise. |
| While this Directive only applies to FCEB agencies, the threat extends to every sector using these products and we urge all organizations to adopt this guidance. |