CISA Orders Immediate Disconnection of Vulnerable Ivanti VPN Appliances

Federal agencies have until midnight to comply with the directive amid threats from China-backed hackers.

Federal agencies have less than 24 hours to disconnect Ivanti VPN appliances due to the risk of malicious exploitation caused by multiple software flaws.
CISA's emergency directive comes amid warnings of China-backed hackers targeting U.S. infrastructure, with FBI Director Christopher Wray highlighting the potential for significant harm to American citizens and communities.
Ivanti disclosed three critical vulnerabilities, with at least two being actively exploited by state-backed hackers since December.
CISA mandates federal agencies to disconnect affected Ivanti products and follow a series of steps before reconnecting, including factory resetting and patching.
Security firm Volexity reports at least 2,200 customers of the affected products have been compromised to date.