Home » CISA Warns of DLL Hijacking in Mitsubishi Electric CNC Tools

CISA Warns of DLL Hijacking in Mitsubishi Electric CNC Tools

July 25, 2025 • César Daniel Barreto

Urgent CISA Directive Warns of Ivanti Vulnerabilities Under Active Attack Reuters – 2 Feb 2024

The Cybersecurity and Infrastructure Security Agency has posted an emergency directive regarding currently critical issues under active exploitation against the Ivanti Connect Secure and Ivanti Policy Secure products. This vulnerability gives unauthorized access to networks; sensitive data can be extracted as well as malicious payloads downloaded.

Vulnerabilities are actively exploited in the wild, and CISA recently released two advisories— CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection). The flaws affect VPN and network access control solutions from Ivanti, extensively used both inside the government and private enterprises.

Attackers are able to chain the vulnerabilities for authentication bypass as well as arbitrary command execution; therefore, complete system compromise. Federal agencies, critical infrastructure operators, and private sector organizations utilizing Ivanti Connect Secure (versions 9.x and 22.x) and Ivanti Policy Secure are immediately at risk.

CISA has mandated that all federal agencies must apply mitigations by February 5, 2024, as well as conduct forensic investigations in the event of any suspicion of compromise. This was first exploited beginning in early January 2024 and attacks have escalated in recent weeks.

Victims included organizations within the U.S. and globally, but specific entities impacted have not been disclosed by CISA. Ivanti’s VPN solutions are widely implemented products, therefore making them a prime target for espionage and ransomware groups.

Unpatched systems could lead to large breaches, warned CISA—data theft and further network compromises.

Unofficial Guidance CISA recommends organizations apply Ivanti’s mitigations. If patches were not applied prior to January 11, 2024, assume compromise. Initiate incident response activities as per the steps outlined in CISA’s Emergency Directive 24-01.

The FBI is assisting international partners with investigations into these threat actors. A patch and workaround have been made available by Ivanti. Systems that were affected should be fully rebuilt where possible because mitigation does not equate to remediation. For any further updates, stay tuned for more advisories from CISA and security bulletins from Ivanti.

author avatar

César Daniel Barreto

César Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.

Featured Posts

  1. Influencers Leaked: A Rising Danger to Online Safety
  2. Tinba Virus: A Nefarious Banking Trojan
  3. GTA Group Publishes Findings on Hermit Malware
  4. Should You Really Put Cameras Around Your Home—and What Risks Are You Inviting if You Do?
  5. What Makes Cryptocurrency Payments So Secure 
  6. What’s a Possible Sign of Malware? Identifying Common Indicators What is a possible indication of malware?
  7. APT (Advanced Persistent Threat)
  8. Jacuzzi App Vulnerability Exposes Private Data
  9. The Impact of AI on Cryptocurrency Investments in 2025
  10. How Secure Self-Storage Supports Data and Asset Protection
  11. How to Introduce Monitoring Software to Your Team Without Causing a Revolt
  12. How to Protect Critical Infrastructure from Supply Chain Exploits at Runtime

Stay on top of the latest cyber & technology trends.

©2025 securitybriefing - All rights reserved.