CISA BOD 22-01 order for FCEB iOS patching
Public Sector Action
Summary
Hide ▲
Show ▼
CISA ordered FCEB agencies to secure devices against DarkSword-linked iOS flaws, tightening federal exposure to attacks that enabled sandbox escape and remote code execution. The directive added three CVEs to the actively exploited catalog and required action within two weeks by April 3. It also told agencies to apply vendor mitigations or stop using the product if mitigations are unavailable.
Related Happenings
WebKit memory corruption, out-of-bounds write, and use-after-free flaws (multiple vulnerabilities)
Vulnerability
H score1
First: 30.06.2026 10:15
Last: 30.06.2026 10:15
Sources 1
About this happening:
**WebKit** now has four patched vulnerabilities, including **CVE-2026-43707**, **CVE-2026-43716**, **CVE-2026-43745**, and **CVE-2026-43715**, that can be triggered by **malicious...
WebKit memory corruption, out-of-bounds write, and use-after-free flaws (multiple vulnerabilities)
VulnerabilityAbout this happening: **WebKit** now has four patched vulnerabilities, including **CVE-2026-43707**, **CVE-2026-43716**, **CVE-2026-43745**, and **CVE-2026-43715**, that can be triggered by **malicious...
CISA KEV remediation for Android and Linux vulnerabilities
Advisory/Mitigation
H score57
First: 03.06.2026 18:36
Last: 03.06.2026 18:36
Sources 1
About this happening:
CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...
CISA KEV remediation for Android and Linux vulnerabilities
Advisory/MitigationAbout this happening: CISA’s **KEV** update forced **federal agencies** to remediate **CVE-2025-48595** and **CVE-2022-0492** in **Android** and the **Linux kernel** before the **June 5** deadline, or...
CERT-In 12-hour KEV remediation guidance
Advisory/Mitigation
H score39
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In 12-hour KEV remediation guidance
Advisory/MitigationAbout this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector Action
H score33
First: 08.05.2026 10:45
Last: 08.05.2026 10:45
Sources 1
About this happening:
**CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
CISA KEV order for Copy Fail on federal Linux devices
Public Sector ActionAbout this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...
Cisco ASA/FTD code execution and authentication bypass flaws (multiple vulnerabilities)
Vulnerability
H score88
First: 24.04.2026 20:06
Last: 24.04.2026 20:06
Sources 1
About this happening:
**Cisco ASA/FTD** vulnerabilities **CVE-2025-20333** and **CVE-2025-20362** are still under **active exploitation** and can be chained for **unauthenticated remote control** of af...
Cisco ASA/FTD code execution and authentication bypass flaws (multiple vulnerabilities)
VulnerabilityAbout this happening: **Cisco ASA/FTD** vulnerabilities **CVE-2025-20333** and **CVE-2025-20362** are still under **active exploitation** and can be chained for **unauthenticated remote control** of af...
Timeline
-
23.03.2026 10:37 2 articles · 3mo ago
CISA orders Federal Civilian Executive Branch patching of DarkSword-abused iOS flaws
Legal Policy Action UpdateCISA added CVE-2025-31277, CVE-2025-43510, and CVE-2025-43520 to its actively exploited catalog and ordered Federal Civilian Executive Branch agencies to secure affected iOS devices within two weeks by April 3 under BOD 22-01. The directive told agencies to apply vendor mitigations or discontinue use of the product if mitigations are unavailable, after DarkSword-linked attacks were tied to cryptocurrency theft, cyberespionage, sandbox escape, privilege escalation, and remote code execution on unpatched iPhones.
Show sources
- CISA orders feds to patch DarkSword iOS flaws exploited attacks — www.bleepingcomputer.com — 23.03.2026 10:37
- CISA orders feds to patch DarkSword iOS flaws exploited attacks — www.bleepingcomputer.com — 23.03.2026 10:37