CISA has issued Binding Operational Directive (BOD) 22-01, Reducing
the Significant Risk of Known Exploited Vulnerabilities, to addresses
vulnerabilities that establishes specific timeframes for federal civilian
agencies to remediate vulnerabilities that are being actively exploited by
known adversaries. To support this Directive, CISA has established a catalog of relevant
vulnerabilities. This catalog will be updated regularly, and organizations can
sign up for notifications when new vulnerabilities are added.
CERT Bulgaria strongly recommends that private businesses,
industry, and state, local, tribal and territorial (SLTT) governments
prioritize mitigation of vulnerabilities in CISA’s Directive and sign up for
updates to the catalog.
CERT Bulgaria urges organizations to review BOD 22-01 and the Fact
Sheet for more information.