CISA said it was issuing the directive amid evidence of “ongoing exploitation” of the vulnerabilities occurring, adding the activity started as far back as June 2020 and has claimed numerous victims. Specifically, CISA said the vulnerabilities have so far been exploited to result in compromises of U.S. government agencies, critical infrastructure entities and private sector organizations alike. CISA explained that successful exploitation of the Pulse Connect Secure vulnerabilities could enable a hacker to gain persistent access into a system where the software has been installed. “CISA has determined that this exploitation of Pulse Connect Secure products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action,” the agency stated.