CISA Orders Federal Agencies to Patch Exploited Check Point VPN Flaw Within 72 Hours
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed federal agencies to patch a critical Check Point VPN vulnerability within three days after ransomware attackers exploited the flaw to breach organisations worldwide. The bug affects remote access and VPN products used across government networks.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed all civilian federal agencies to fix a recently exploited vulnerability affecting Check Point security products by the end of June 11.
Check Point Software said the flaw impacts several of its VPNs, firewalls, and remote-access solutions, which help protect networks from unauthorised access. The company confirmed that the ransomware group Qilin is actively exploiting the vulnerability and has used it to target “a few dozen organisations globally” that rely on the affected products.
According to Check Point, the attacks began on May 7 and increased significantly over the past week.
In response to the growing threat, CISA issued an emergency directive requiring agencies, including the Departments of Homeland Security, State, and Treasury, to remediate affected systems within 72 hours. The agency cited BOD 22-01, which allows it to mandate security actions when active cyber threats pose a risk to government networks.
The order highlights concerns over the exploitation of widely used security infrastructure and underscores the need for rapid patching to reduce the risk of ransomware attacks across federal systems.
What's Your Reaction?
Like
0
Dislike
0
Love
0
Funny
0
Angry
0
Sad
0
Wow
0
