CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog.

The US cybersecurity agency CISA on Thursday announced closing 10 Emergency Directives issued between 2019 and 2024.

The retired directives, CISA says, have achieved their mission to mitigate urgent and imminent risks to federal agencies.

“Since their issuance, CISA has partnered closely with federal agencies to drive remediation, embed best practices and overcome systemic challenges – establishing a stronger, more resilient digital infrastructure for a more secure America,” the agency notes.

For three of the closed CISA Emergency Directives, namely ‘ED 19-01: Mitigate DNS Infrastructure Tampering’, ‘ED 21-01: Mitigate SolarWinds Orion Code Compromise’, and ‘ED 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System’, objectives have been achieved, rendering the directives obsolete, CISA says.

The remaining seven directives, namely ED 20-02, ED 20-03, ED 20-04, ED 21-02, ED 21-03, ED 21-04, and ED 22-03, instructed federal agencies to address vulnerabilities in Microsoft, Pulse Connect, and VMware products.

The targeted flaws included a Windows bug reported by the NSA, a wormable Windows DNS server defect, the infamous Zerologon vulnerability, Exchange zero-days exploited by Chinese hackers, a Windows Print Spooler issue exploited by Russian hackers, and two VMware flaws exploited since 2022.

One of the directives, issued in 2021, targets four Pulse Connect Secure vulnerabilities, including CVE-2021-22893 (exploited alongside CVE-2020-8243 and CVE-2021-22894), and CVE-2021-22900.

All targeted vulnerabilities are now in CISA’s Known Exploited Vulnerabilities (KEV) catalog and the required actions are defined in Binding Operational Directive (BOD) 22-01, which mandates that federal agencies resolve flaws added to KEV within weeks.

“The closure of these ten Emergency Directives reflects CISA’s commitment to operational collaboration across the federal enterprise. Looking ahead, CISA continues to advance Secure by Design principles – prioritizing transparency, configurability, and interoperability - so every organization can better defend their diverse environments,” CISA Acting Director Madhu Gottumukkala said.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
