CISA issues emergency directive on Ivanti vulnerabilities

Jan. 22, 2024

The Cybersecurity and Infrastructure Security Agency issued an emergency directive that requires agencies to implement vendor-published mitigation guidance immediately to Ivanti Connect Secure and Ivanti Policy Secure solutions.

Details: Ivanti previously released information regarding two vulnerabilities that allow attackers to move laterally across a target network, perform data exfiltration, and establish persistent system access. The emergency directive is designed to prevent future exploitation at federal civilian executive branch agencies, but CISA urges all organizations to adopt this guidance.

Resources: Additional community bank cybersecurity resources are available on ICBA's Cyber and Data Security resource center.

Interested in discussing this and other topics? Network with and learn from your peers with the app designed for community bankers. Join the conversation with ICBA Community.

NewsWatch Today Contacts

Thomas Warren

Vice President, Communications

Nicole Swann

Vice President, Communications

CISA issues emergency directive on Ivanti vulnerabilities

NewsWatch Today Contacts

Related News

CISA releases proposal on cyber reporting standards

Agencies issue fact sheet on ‘Volt Typhoon’ risks

Agencies disrupt LockBit ransomware group

Agencies issue guidance on using AI securely