CISA orders federal agencies to fix VPN flaw by June 11

The U.S. cybersecurity agency directed civilian agencies to remediate an actively exploited vulnerability in Check Point remote access tools, firewalls, and VPNs by the end of the day Wednesday. A ransomware group identified as Qilin began exploiting the flaw on May 7, with activity increasing last week, Check Point Software stated.

The company confirmed the group had used the vulnerability to access networks at a few dozen targeted organizations worldwide.

Federal directive The agency issued the order on Monday under its BOD 22-01 guidance, which permits instructions to agencies when an active cyber threat exists. Affected products serve as network gateways for multiple federal departments. Agencies must apply fixes to any instances of the affected Check Point products by end of day June 11.