In a statement the U.S. cybersecurity watchdog agency said, it has ordered federal officials to either update or remove a products made by VMWare Inc citing hacking activity that used exploits of old vulnerable versions of the products to break into targeted organizations.

In an advisory, the Cybersecurity and Infrastructure Security Agency (CISA) said, hackers had managed to reverse engineer recent updates made to VMWare products and were using the knowledge to target old versions and hack into unpatched devices.

The affected products include VMware Workspace ONE Access, which is meant to provide one-stop access to various digital services, and VMware vRealize Automation, which helps manage and automate complex IT processes.

Unpatched VMWare devices accessible from the internet should be assumed as being compromised, said CISA.

“It is extremely important that you quickly take steps to patch or mitigate these issues in on-premises deployments,” said VMWare.

In a statement CISA Director Jen Easterly said, vulnerabilities in old versions of the VMWare products posed “an unacceptable risk to federal network security.”

“We also strongly urge every organization – large and small – to follow the federal government’s lead and take similar steps to safeguard their networks,” said Easterly.

Categories: Creativity, Entrepreneurship, HR & Organization, Strategy

Tags: CISA, CISA Director, Cybersecurity and Infrastructure Security Agency, cybersecurity watchdog, exploits, federal officials, hacking activity, Jen Easterly, remove, reverse engineer, U.S., uninstall, unpatched devices, update, US, VMWare Inc, VMware vRealize Automation, VMware Workspace ONE Access, vulnerable versions