CISA Warns: SolarWinds, Ivanti, and Workspace One Vulnerabilities Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities to the Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by March 2026. These vulnerabilities are being actively used in attacks against government entities.
On March 11, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning, adding three critical vulnerabilities in SolarWinds, Ivanti, and Workspace One to the Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities are being actively exploited by malicious actors targeting federal government agencies. CISA has mandated all federal agencies to patch these vulnerabilities by March 2026.
Three Actively Exploited Vulnerabilities
The vulnerabilities flagged by CISA include:
SolarWinds vulnerabilities: The company, famous for the 2020 supply chain attack, is targeted once again
Ivanti vulnerabilities: The enterprise's Connect Secure and Policy Secure gateway products contain serious flaws
Workspace One vulnerabilities: VMware's endpoint management solution has exploitation risks
SolarWinds vulnerabilities: The company, famous for the 2020 supply chain attack, is targeted once again
Ivanti vulnerabilities: The enterprise's Connect Secure and Policy Secure gateway products contain serious flaws
Workspace One vulnerabilities: VMware's endpoint management solution has exploitation risks
CISA stated in its announcement: "These vulnerabilities are being used in cyberattacks targeting U.S. government agencies. We strongly urge all organizations to immediately take action and patch these confirmed security threats."
Federal Agency Patch Deadline
Under the binding operational directive issued by CISA, all federal civilian agencies must complete vulnerability patching by the March 2026 deadline. Non-federal organizations are also strongly advised to take the same measures, as exploitation code for these vulnerabilities has already circulated in public channels.
This is the second time CISA has issued an emergency warning about enterprise software vulnerabilities in recent months. Previously, CISA had repeatedly added Ivanti product vulnerabilities to the KEV catalog, indicating the company's security situation remains dire.
Continuing Supply Chain Risks
Security experts warn that SolarWinds, Ivanti, and VMware products are widely deployed across U.S. government and enterprises. Once successfully exploited, these vulnerabilities could lead to large-scale data breaches and system compromises. Given the rise of AI-driven cyberattacks, organizations must accelerate their vulnerability patching pace.
Reference: The Hacker News, Security Boulevard