CISA Orders Federal Agencies to Secure Systems Against Critical Microsoft Configuration Manager Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered U.S. federal agencies to secure their systems against a critical vulnerability in Microsoft Configuration Manager (SCCM), which was patched in October 2024. This flaw, actively exploited in attacks, allows for remote code execution (RCE). No reference to a specific CVE or additional technical details are mentioned. The impact affects infrastructures using SCCM, with a proven risk of malicious exploitation. Source: https://www.bleepingcomputer.com/news/security/cisa-flags-microsoft-configmgr-rce-flaw-as-exploited-in-attacks/