CISA Issues Emergency Directive 22-03, Enco …

The Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive instructing organizations to react swiftly to mitigate the actions of threat actors exploiting vulnerabilities in VMware products.

In Emergency Directive 22-03, the agency has encouraged users to ensure they’re using the most updated form of the VMware software by installing the updates released last week from VMware.

“These vulnerabilities pose an unacceptable risk to federal network security,” said CISA Director Jen Easterly. “CISA has issued this Emergency Directive to ensure that federal civilian agencies take urgent action to protect their networks. We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks.”

The affected VMware products include:

• VMware Workspace ONE Access (Access)
• VMware Identity Manager (vIDM)
• VMware vRealize Automation (vRA)
• VMware Cloud Foundation
• vRealize Suite Lifecycle Manager

Per the CISA guidance on the organization’s website, federal civilian executive branch agencies have been asked to evaluate and enumerate their tech stacks for any affected VMware products and either deploy the updates or remove the software from the network until the updates can be applied.

CISA suggests that affected agencies assume compromise and disconnect the products off the network, and then report any anomalies to [email protected]