CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek.

CISA

The US cybersecurity agency CISA on Thursday announced closing 10 Emergency Directives issued between 2019 and 2024.

The retired directives, CISA says, have achieved their mission to mitigate urgent and imminent risks to federal agencies.

“Since their issuance, CISA has partnered closely with federal agencies to drive remediation, embed best practices and overcome systemic challenges – establishing a stronger, more resilient digital infrastructure for a more secure America,” the agency notes.

For three of the closed CISA Emergency Directives, namely ‘ED 19-01: Mitigate DNS Infrastructure Tampering’, ‘ED 21-01: Mitigate SolarWinds Orion Code Compromise’, and ‘ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System’, objectives have been achieved, rendering the directives obsolete, CISA says.

The remaining seven directives, namely ED 20-02, ED 20-03, ED 20-04, ED 21-02, ED 21-03, ED 21-04, and ED 22-03, instructed federal agencies to address vulnerabilities in Microsoft, Pulse Connect, and VMware products.

The targeted flaws included a Windows bug reported by the NSA, a wormable Windows DNS server defect, the infamous Zerologon vulnerability, Exchange zero-days exploited by Chinese hackers, a Windows Print Spooler issue exploited by Russian hackers, and two VMware flaws exploited since 2022.

One of the directives, issued in 2021, targets four Pulse Connect Secure vulnerabilities, including CVE-2021-22893 (exploited alongside CVE-2020-8243 and CVE-2021-22894), and CVE-2021-22900.

All targeted vulnerabilities are now in CISA’s Known Exploited Vulnerabilities (KEV) catalog and the required actions are defined in Binding Operational Directive (BOD) 22-01, which mandates that federal agencies resolve flaws added to KEV within weeks.

“The closure of these ten Emergency Directives reflects CISA’s commitment to operational collaboration across the federal enterprise. Looking ahead, CISA continues to advance Secure by Design principles – prioritizing transparency, configurability, and interoperability - so every organization can better defend their diverse environments,” CISA Acting Director Madhu Gottumukkala said.

Related: CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

Related: CISA Warns of Exploited Flaw in Asus Update Tool

Related: CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

Related: CISA Confirms Exploitation of Recent Oracle Identity Manager Vulnerability

Latest News

CYBERNEWSMEDIAPublisher