1. Forum
  2. Mailing Lists
  3. Cybersecurity & Infrastru

  • CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems

    From CISA@cisa@messages.cisa.gov to cisa@toolazy.synchro.net on Wed Feb 25 16:50:05 2026
    --===============8856491512790867670==
    Content-Type: multipart/alternative; boundary="===============1731792185678271427=="
    MIME-Version: 1.0

    --===============1731792185678271427==
    Content-Type: text/plain; charset="utf-8"
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable

    Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Sec= ure Tomorrow

    CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco=
    SD-WAN Systems [ https://www.cisa.gov/news-events/alerts/2026/02/25/cisa-a= nd-partners-release-guidance-ongoing-global-exploitation-cisco-sd-wan-syste=
    ms ]

    "02/25/2026 11:00 AM EST"

    "The purpose of this Alert is to provide resources for organizations with C= isco Software-Defined Wide-Area Networking (SD-WAN) systems, including Fede= ral Civilian Executive Branch (FCEB) agencies, to address ongoing exploitat= ion of multiple vulnerabilities. Notably, the Cybersecurity and Infrastruct= ure Security Agency (CISA) has added=C2=A0"CVE-2026-20127 [ https://www.cve= .org/CVERecord?id=3DCVE-2026-20127 ]"=C2=A0and=C2=A0"CVE-2022-20775 [ https= ://www.cve.org/CVERecord?id=3DCVE-2022-20775 ]"=C2=A0to its Known Exploited=
    Vulnerabilities (KEV) Catalog on Feb. 25, 2026. As a result of the malicio=
    us cyber activity and vulnerabilities involving Cisco SD-WAN systems, CISA = has outlined requirements for FCEB agencies in Emergency Directive (ED) 26-=
    03 to inventory Cisco SD-WAN systems, update them, and assess compromise."

    CISA and partners have observed malicious cyber actors targeting and compro= mising Cisco SD-WAN systems of organizations, globally. These actors have b= een observed exploiting a previously undisclosed authentication bypass vuln= erability, CVE-2026-20127, for initial access before escalating privileges = using CVE-2022-20775 and establishing long-term persistence in Cisco SD-WAN=
    systems.

    CISA, National Security Agency (NSA), and international partners Australian=
    Signals Directorate=E2=80=99s Australian Cyber Security Centre (ASD=E2=80= =99s ACSC), Canadian Centre for Cyber Security (Cyber Centre), New Zealand = National Cyber Security Centre (NCSC-NZ), and United Kingdom National Cyber=
    Security Centre (NCSC-UK), hereafter the =E2=80=9Cauthoring organizations,= =E2=80=9D strongly urge network defenders to immediately 1) inventory all i= n-scope Cisco SD-WAN systems, 2) collect artifacts, including virtual snaps= hots and logs off of SD-WAN systems to support threat hunt activities, 3) f= ully patch Cisco SD-WAN systems with available updates, 4) hunt for evidenc=
    e of compromise, and 5) concurrently review Cisco=E2=80=99s latest security=
    advisories,=C2=A0Cisco Catalyst SD-WAN Controller Authentication Bypass Vu= lnerability [ https://sec.cloudapps.cisco.com/security/center/content/Cisco= SecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ]=C2=A0and=C2=A0Cisco Catalyst = SD-WAN Vulnerabilities [ https://sec.cloudapps.cisco.com/security/center/co= ntent/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ], and implement= =C2=A0Cisco=E2=80=99s SD-WAN Hardening Guidance [ https://sec.cloudapps.cis= co.com/security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide ].1 [=
    https://www.cisa.gov/news-events/alerts/2026/02/25/cisa-and-partners-relea= se-guidance-ongoing-global-exploitation-cisco-sd-wan-systems#note1 ]

    To address malicious activity involving vulnerable Cisco SD-WAN systems, CI=
    SA issued=C2=A0Emergency Directive 26-03: Mitigate Vulnerabilities in Cisco=
    SD-WAN Systems [ https://www.cisa.gov/news-events/directives/ed-26-03-miti= gate-vulnerabilities-cisco-sd-wan-systems ], which outlines requirements fo=
    r FCEB agencies to inventory Cisco SD-WAN systems, update them, and assess = compromise. Further, CISA released=C2=A0Supplemental Emergency Direction 26= -03: Hunt and Hardening Guidance for Cisco SD-WAN Systems [ https://www.cis= a.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-harde= ning-guidance-cisco-sd-wan-systems ]=C2=A0to provide prescriptive actions f=
    or FCEB agencies.=C2=A0

    Cisco=E2=80=99s Catalyst SD-WAN Hardening Guide recommends that network def= enders address:


    * *Network perimeter controls*: Ensure control components are behind a fi= rewall, isolate virtual private network (VPN) 512 interfaces, and use inter= net protocol (IP) blocks for manually provisioned edge IPs.=20
    * *SD-WAN manager access*: Replace the self-signed certificate for the we=
    b user interface.=20
    * *Control and data plane security*: Use pairwise keys.=20
    * *Session timeout*: Limit to the shortest period possible.=20
    * *Logging*: Forward to a remote syslog server.=20

    CISA and the authoring organizations are providing the following resources:= =E2=80=AF=C2=A0


    * CISA:=C2=A0Emergency Directive 26-03: Mitigate Vulnerabilities in Cisco=
    SD-WAN Systems [ https://www.cisa.gov/news-events/directives/ed-26-03-miti= gate-vulnerabilities-cisco-sd-wan-systems ]=20
    * CISA:=C2=A0Supplemental Emergency Direction 26-03: Hunt and Hardening G= uidance for Cisco SD-WAN Systems [ https://www.cisa.gov/news-events/directi= ves/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wa= n-systems ]=20
    * Cisco:=C2=A0Cisco Catalyst SD-WAN Controller Authentication Bypass Vuln= erability [ https://sec.cloudapps.cisco.com/security/center/content/CiscoSe= curityAdvisory/cisco-sa-sdwan-rpa-EHchtZk ]=20
    * Cisco:=C2=A0Cisco Catalyst SD-WAN Vulnerabilities [ https://sec.cloudap= ps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-a= uthbp-qwCX8D4v ]=20
    * Cisco:=C2=A0Cisco Catalyst SD-WAN Hardening Guide [ https://sec.cloudap= ps.cisco.com/security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide=
    ]=20
    * ASD=E2=80=99s ACSC:=C2=A0Cisco SD-WAN Threat Hunt Guide [ https://www.c= yber.gov.au/sites/default/files/2026-02/ACSC-led%20Cisco%20SD-WAN%20Hunt%20= Guide.pdf ], co-sealed by CISA, NSA, Cyber Centre, NCSC-NZ, and NCSC-UK. Th=
    is guide, based on investigative data, supports network defenders=E2=80=99 = detection of and response to the malicious actors=E2=80=99 threat activity =


    *Acknowledgements*

    NSA, ASD=E2=80=99s ACSC, Cyber Centre, NCSC-NZ, and NCSC-UK contributed to = this alert*.*

    *Disclaimer*

    The information in this report is being provided =E2=80=9Cas is=E2=80=9D fo=
    r informational purposes only. CISA does not endorse any commercial entity,=
    product, company, or service, including any entities, products, or service=
    s linked within this document. Any reference to specific commercial entitie=
    s, products, processes, or services by service mark, trademark, manufacture=
    r, or otherwise, does not constitute or imply endorsement, recommendation, =
    or favoring by CISA.=E2=80=AF

    *Notes*=C2=A0

    1=C2=A0Cisco Security, =E2=80=9CCisco Catalyst SD-WAN Hardening Guide,=E2= =80=9D last modified February 9, 2026,=C2=A0https://sec.cloudapps.cisco.com= /security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide

    This product is provided subject to this=C2=A0Notification [ https://edit.c= isa.gov/notification ]=C2=A0and this=C2=A0Privacy & Use [ https://edit.cisa= .gov/privacy-policy ]=C2=A0policy.

    Please share your thoughts with us through this this anonymous survey [ htt= ps://cisasurvey.gov1.qualtrics.com/jfe/form/SV_9n4TtB8uttUPaM6?Source=3DGov= DeliveryED26-03-Alert-Guidance ]. We appreciate your feedback.

    Having trouble viewing this message?=C2=A0View it as a webpage [ %20 ].=C2=
    =A0 [ https://content.govdelivery.com/accounts/USDHS/bulletins/292141e ]

    You are subscribed to updates from the Cybersecurity and Infrastructure Sec= urity Agency [ https://www.cisa.gov ] (CISA)
    Manage Subscriptions [ https://public.govdelivery.com/accounts/USDHSCISA/su= bscriber/edit?preferences=3Dtrue#tab1 ]=C2=A0=C2=A0|=C2=A0=C2=A0Privacy Pol= icy [ https://www.cisa.gov/privacy-policy ]=C2=A0=C2=A0|=C2=A0 Help [ https= ://subscriberhelp.granicus.com/s/article/Subscriber-Help-Center ] [ https:/= /insights.govdelivery.com/Communications/Subscriber_Help_Center ]

    Connect with CISA:=20
    Facebook [ https://www.facebook.com/CISA ]=C2=A0 |=C2=A0 Twitter [ https://= twitter.com/CISAgov ]=C2=A0 |=C2=A0 Instagram [ https://Instagram.com/cisag=
    ov ]=C2=A0 |=C2=A0 LinkedIn [ https://www.linkedin.com/company/cybersecurit= y-and-infrastructure-security-agency ]=C2=A0 |=C2=A0=C2=A0 YouTube [ https:= //www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A ]

    ________________________________________________________________________

    This email was sent to cisa@toolazy.synchro.net using GovDelivery Communica= tions Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency=
    =C2=B7 707 17th St, Suite 4000 =C2=B7 Denver, CO 80202 GovDelivery logo [ = https://subscriberhelp.granicus.com/ ]=20
    body .abe-column-block { min-height: 5px; } table.gd_combo_table img {margi= n-left:10px; margin-right:10px;} table.gd_combo_table div.govd_image_displa=
    y img, table.gd_combo_table td.gd_combo_image_cell img {margin-left:0px; ma= rgin-right:0px;}

    --===============1731792185678271427==
    Content-Type: text/html; charset="utf-8"
    MIME-Version: 1.0
    Content-Transfer-Encoding: quoted-printable

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.= w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns=3D"http://www.w3.org/1999/xhtml" xml:lang=3D"en" lang=3D"en"> <head>
    <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DUTF-8"> <title> CISA and Partners Release Guidance for Ongoing Global Exploitati=
    on of Cisco SD-WAN Systems
    </title>


    </head>
    <body style=3D"">

    <table width=3D"700" border=3D"0" cellspacing=3D"0" cellpadding=3D"0"=
    align=3D"center">
    <tr>
    <td>

    <!--[if (gte mso 9)|(IE)]>
    <table style=3D"display:none"><tr><td><a name=3D"gd_top" id=3D"gd_top"></= a></td></tr></table>
    <![endif]-->
    <a name=3D"gd_top" id=3D"gd_top"></a>

    =20



    <p><img src=3D"https://content.govdelivery.com/attachments/fancy_images/U= SDHSCISA/2020/06/3486054/062920-govdeliveryheader-thin2_original.png" alt= =3D"Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today,=
    Secure Tomorrow" title=3D"" width=3D"600" height=3D"100"></p>
    <div class=3D"l-page-section l-page-section--rich-text csaf-imported">
    <div class=3D"l-constrain">
    <div class=3D"l-page-section__content">
    <h2><a href=3D"https://www.cisa.gov/news-events/alerts/2026/02/25/cisa-and-= partners-release-guidance-ongoing-global-exploitation-cisco-sd-wan-systems"= >CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisc=
    o SD-WAN Systems</a></h2>
    <p><font color=3D"#666699"><em><span>02/25/2026 11:00 AM EST</span></em></f= ont></p>
    <p><em>The purpose of this Alert is to provide resources for organizations = with Cisco Software-Defined Wide-Area Networking (SD-WAN) systems, includin=
    g Federal Civilian Executive Branch (FCEB) agencies, to address ongoing exp= loitation of multiple vulnerabilities. Notably, the Cybersecurity and Infra= structure Security Agency (CISA) has added=C2=A0</em><a href=3D"https://www= .cve.org/CVERecord?id=3DCVE-2026-20127" target=3D"_blank" title=3D"CVE-2026= -20127" class=3D"ext" data-extlink=3D"" rel=3D"noopener">CVE-2026-20127</a>= <em><span>=C2=A0</span>and=C2=A0</em><a href=3D"https://www.cve.org/CVEReco= rd?id=3DCVE-2022-20775" target=3D"_blank" title=3D"CVE-2022-20775" class=3D= "ext" data-extlink=3D"" rel=3D"noopener">CVE-2022-20775</a><em><span>=C2=A0= </span>to its Known Exploited Vulnerabilities (KEV) Catalog on Feb. 25, 202=
    6. As a result of the malicious cyber activity and vulnerabilities involvin=
    g Cisco SD-WAN systems, CISA has outlined requirements for FCEB agencies in=
    Emergency Directive (ED) 26-03 to inventory Cisco SD-WAN systems, update t= hem, and assess compromise.</em></p>
    <p>CISA and partners have observed malicious cyber actors targeting and com= promising Cisco SD-WAN systems of organizations, globally. These actors hav=
    e been observed exploiting a previously undisclosed authentication bypass v= ulnerability, CVE-2026-20127, for initial access before escalating privileg=
    es using CVE-2022-20775 and establishing long-term persistence in Cisco SD-= WAN systems.</p>
    <p>CISA, National Security Agency (NSA), and international partners Austral= ian Signals Directorate=E2=80=99s Australian Cyber Security Centre (ASD=E2= =80=99s ACSC), Canadian Centre for Cyber Security (Cyber Centre), New Zeala=
    nd National Cyber Security Centre (NCSC-NZ), and United Kingdom National Cy= ber Security Centre (NCSC-UK), hereafter the =E2=80=9Cauthoring organizatio= ns,=E2=80=9D strongly urge network defenders to immediately 1) inventory al=
    l in-scope Cisco SD-WAN systems, 2) collect artifacts, including virtual sn= apshots and logs off of SD-WAN systems to support threat hunt activities, 3=
    ) fully patch Cisco SD-WAN systems with available updates, 4) hunt for evid= ence of compromise, and 5) concurrently review Cisco=E2=80=99s latest secur= ity advisories,<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.co= m/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk"=
    target=3D"_blank" title=3D"Cisco Catalyst SD-WAN Controller Authentication=
    Bypass Vulnerability" class=3D"ext" data-extlink=3D"" rel=3D"noopener">Cis=
    co Catalyst SD-WAN Controller Authentication Bypass Vulnerability</a><span>= =C2=A0</span>and<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.c= om/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX= 8D4v" target=3D"_blank" title=3D"Cisco Catalyst SD-WAN Vulnerabilities" cla= ss=3D"ext" data-extlink=3D"" rel=3D"noopener">Cisco Catalyst SD-WAN Vulnera= bilities</a>, and implement<span>=C2=A0</span><a href=3D"https://sec.clouda= pps.cisco.com/security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuid=
    e" target=3D"_blank" title=3D"Cisco=E2=80=99s SD-WAN Hardening Guidance" cl= ass=3D"ext" data-extlink=3D"" rel=3D"noopener">Cisco=E2=80=99s SD-WAN Harde= ning Guidance</a>.<a href=3D"https://www.cisa.gov/news-events/alerts/2026/0= 2/25/cisa-and-partners-release-guidance-ongoing-global-exploitation-cisco-s= d-wan-systems#note1"><sup>1</sup></a></p>
    <p>To address malicious activity involving vulnerable Cisco SD-WAN systems,=
    CISA issued<span>=C2=A0</span><a href=3D"https://www.cisa.gov/news-events/= directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems" target= =3D"_blank" title=3D"Emergency Directive 26-03: Mitigate Vulnerabilities in=
    Cisco SD-WAN Systems" rel=3D"noopener">Emergency Directive 26-03: Mitigate=
    Vulnerabilities in Cisco SD-WAN Systems</a>, which outlines requirements f=
    or FCEB agencies to inventory Cisco SD-WAN systems, update them, and assess=
    compromise. Further, CISA released<span>=C2=A0</span><a href=3D"https://ww= w.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-= hardening-guidance-cisco-sd-wan-systems" target=3D"_blank" title=3D"Supplem= ental Emergency Directive 26-03: Hunt and Hardening Guidance for Cisco SD-W=
    AN Systems" rel=3D"noopener">Supplemental Emergency Direction 26-03: Hunt a=
    nd Hardening Guidance for Cisco SD-WAN Systems</a><span>=C2=A0</span>to pro= vide prescriptive actions for FCEB agencies.=C2=A0</p>
    <p>Cisco=E2=80=99s Catalyst SD-WAN Hardening Guide recommends that network = defenders address:</p>


    <strong>Network perimeter controls</strong>: Ensure control components are = behind a firewall, isolate virtual private network (VPN) 512 interfaces, an=
    d use internet protocol (IP) blocks for manually provisioned edge IPs.</li>

    <strong>SD-WAN manager access</strong>: Replace the self-signed certificate=
    for the web user interface.</li>

    <strong>Control and data plane security</strong>: Use pairwise keys.</li>

    <strong>Session timeout</strong>: Limit to the shortest period possible.</l=


    <strong>Logging</strong>: Forward to a remote syslog server.</li>
    </ul>
    <p>CISA and the authoring organizations are providing the following resourc= es:=E2=80=AF=C2=A0</p>

    <li>CISA:<span>=C2=A0</span><a href=3D"https://www.cisa.gov/news-events/dir= ectives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems" target=3D"_= blank" title=3D"Emergency Directive 26-03: Mitigate Vulnerabilities in Cisc=
    o SD-WAN Systems" rel=3D"noopener">Emergency Directive 26-03: Mitigate Vuln= erabilities in Cisco SD-WAN Systems</a>
    </li>
    <li>CISA:<span>=C2=A0</span><a href=3D"https://www.cisa.gov/news-events/dir= ectives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-s= d-wan-systems" target=3D"_blank" title=3D"Supplemental Emergency Directive = 26-03: Hunt and Hardening Guidance for Cisco SD-WAN Systems" rel=3D"noopene= r">Supplemental Emergency Direction 26-03: Hunt and Hardening Guidance for = Cisco SD-WAN Systems</a>
    </li>
    <li>Cisco:<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.com/sec= urity/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk" targ= et=3D"_blank" title=3D"Cisco Catalyst SD-WAN Controller Authentication Bypa=
    ss Vulnerability" class=3D"ext" data-extlink=3D"" rel=3D"noopener">Cisco Ca= talyst SD-WAN Controller Authentication Bypass Vulnerability</a>
    </li>
    <li>Cisco:<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.com/sec= urity/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v" = target=3D"_blank" title=3D"Cisco Catalyst SD-WAN Vulnerabilities" class=3D"= ext" data-extlink=3D"" rel=3D"noopener">Cisco Catalyst SD-WAN Vulnerabiliti= es</a>
    </li>
    <li>Cisco:<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.com/sec= urity/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide" target=3D"_bla= nk" title=3D"Cisco Catalyst SD-WAN Hardening Guide" class=3D"ext" data-extl= ink=3D"" rel=3D"noopener">Cisco Catalyst SD-WAN Hardening Guide</a>
    </li>
    <li>ASD=E2=80=99s ACSC:<span>=C2=A0</span><a href=3D"https://www.cyber.gov.= au/sites/default/files/2026-02/ACSC-led%20Cisco%20SD-WAN%20Hunt%20Guide.pdf=
    " target=3D"_blank" title=3D"Cisco SD-WAN Threat Hunt Guide" class=3D"ext" = data-extlink=3D"" rel=3D"noopener">Cisco SD-WAN Threat Hunt Guide</a>, co-s= ealed by CISA, NSA, Cyber Centre, NCSC-NZ, and NCSC-UK. This guide, based o=
    n investigative data, supports network defenders=E2=80=99 detection of and = response to the malicious actors=E2=80=99 threat activity</li>
    </ul>
    <h2><strong>Acknowledgements</strong></h2>
    <p>NSA, ASD=E2=80=99s ACSC, Cyber Centre, NCSC-NZ, and NCSC-UK contributed =
    to this alert<strong>.</strong></p>
    <h2><strong>Disclaimer</strong></h2>
    <p>The information in this report is being provided =E2=80=9Cas is=E2=80=9D=
    for informational purposes only. CISA does not endorse any commercial enti= ty, product, company, or service, including any entities, products, or serv= ices linked within this document. Any reference to specific commercial enti= ties, products, processes, or services by service mark, trademark, manufact= urer, or otherwise, does not constitute or imply endorsement, recommendatio=
    n, or favoring by CISA.=E2=80=AF</p>

    <strong>Notes</strong>=C2=A0</h2>
    <p><a id=3D"Note1" name=3D"Note1"></a>1<span>=C2=A0</span>Cisco Security, = =E2=80=9CCisco Catalyst SD-WAN Hardening Guide,=E2=80=9D last modified Febr= uary 9, 2026,<span>=C2=A0</span><a href=3D"https://sec.cloudapps.cisco.com/= security/center/resources/Cisco-Catalyst-SD-WAN-HardeningGuide" target=3D"_= blank" title=3D"(opens in a new window)" class=3D"ext" data-extlink=3D"" re= l=3D"noopener">https://sec.cloudapps.cisco.com/security/center/resources/Ci= sco-Catalyst-SD-WAN-HardeningGuide</a></p>
    </div>
    </div>
    </div>
    <div class=3D"l-constrain l-page-section--rich-text">
    <div class=3D"l-page-section__content">
    <div class=3D"c-field c-field--name-body c-field--type-text-with-summary c-= field--label-hidden">
    <div class=3D"c-field__content">
    <p>This product is provided subject to this=C2=A0<a href=3D"https://edit.ci= sa.gov/notification" target=3D"_blank" title=3D"Follow link" rel=3D"noopene= r">Notification</a>=C2=A0and this=C2=A0<a href=3D"https://edit.cisa.gov/pri= vacy-policy" target=3D"_blank" title=3D"Follow link" rel=3D"noopener">Priva=
    cy &amp; Use</a>=C2=A0policy.</p>
    </div>
    </div>
    </div>
    </div>
    <p>Please share your thoughts with us through this this <a href=3D"https://= cisasurvey.gov1.qualtrics.com/jfe/form/SV_9n4TtB8uttUPaM6?Source=3DGovDeliv= eryED26-03-Alert-Guidance">anonymous survey</a>. We appreciate your feedbac= k.</p>
    =20


    <div id=3D"mail_footer">
    <p style=3D"text-align: center;"><span style=3D"font-size: 10.0pt; colo=
    r: #757575;">Having trouble viewing this message?=C2=A0</span><a href=3D"ht= tps://links-2.govdelivery.com/CL0/%2520/1/0101019c95b53222-63f9c43f-9e9a-40= cc-811e-13ab4a106673-000000/5F7NKAmYwMuIJwD00c5GEsOXa_gQGQBh-v6_o_NedXc=3D4= 46" target=3D"_blank" rel=3D"noopener">View it as a webpage</a>.=C2=A0<a hr= ef=3D"https://content.govdelivery.com/accounts/USDHS/bulletins/292141e" tar= get=3D"_blank" rel=3D"noopener"></a><span style=3D"font-size: 10.0pt; color=
    : #757575;"></span></p>
    <p style=3D"text-align: center;"><span style=3D"font-size: 10.0pt; color: #= 757575;">You are subscribed to updates from the </span><a href=3D"https://w= ww.cisa.gov"><span style=3D"font-size: 10.0pt;">Cybersecurity and Infrastru= cture Security Agency</span></a><span style=3D"font-size: 10.0pt; color: #7= 57575;"> (CISA)<br></span><a href=3D"https://public.govdelivery.com/account= s/USDHSCISA/subscriber/edit?preferences=3Dtrue#tab1" target=3D"_blank" rel= =3D"noopener"><span style=3D"font-size: 10.0pt; color: #00568c;">Manage Sub= scriptions</span></a>=C2=A0=C2=A0<span style=3D"font-size: 10.0pt; color: #= 757575;">|=C2=A0=C2=A0</span><a href=3D"https://www.cisa.gov/privacy-policy=
    " target=3D"_blank" rel=3D"noopener"><span style=3D"font-size: 10.0pt; colo=
    r: #00568c;">Privacy Policy</span></a><span style=3D"font-size: 10.0pt; col= or: #757575;">=C2=A0=C2=A0|=C2=A0 <a href=3D"https://subscriberhelp.granicu= s.com/s/article/Subscriber-Help-Center" target=3D"_blank" rel=3D"noopener">= Help</a><a href=3D"https://insights.govdelivery.com/Communications/Subscrib= er_Help_Center" target=3D"_blank" rel=3D"noopener"></a></span><span style= =3D"font-size: 10.0pt; color: #757575;"></span></p>
    <p style=3D"text-align: center;"><span style=3D"font-size: 10.0pt; color: #= 757575;">Connect with CISA: <br></span><a href=3D"https://www.facebook.com/= CISA" target=3D"_blank" rel=3D"noopener"><span style=3D"font-size: 10.0pt; = color: #00568c;">Facebook</span></a><span style=3D"font-size: 10.0pt; color=
    : #757575;">=C2=A0 |=C2=A0 </span><a href=3D"https://twitter.com/CISAgov" t= arget=3D"_blank" rel=3D"noopener"><span style=3D"font-size: 10.0pt; color: = #00568c;">Twitter</span></a><span style=3D"font-size: 10.0pt; color: #75757= 5;">=C2=A0 |=C2=A0 </span><a href=3D"https://Instagram.com/cisagov" target= =3D"_blank" rel=3D"noopener"><span style=3D"font-size: 10.0pt; color: #0056= 8c;">Instagram</span></a><span style=3D"font-size: 10.0pt; color: #757575;"= >=C2=A0 |=C2=A0 </span><a href=3D"https://www.linkedin.com/company/cybersec= urity-and-infrastructure-security-agency" target=3D"_blank" rel=3D"noopener= "><span style=3D"font-size: 10.0pt; color: #00568c;">LinkedIn</span></a><sp=
    an style=3D"font-size: 10.0pt; color: #757575;">=C2=A0 |=C2=A0=C2=A0 </span= ><a href=3D"https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A" targe= t=3D"_self"><span style=3D"font-size: 10.0pt; color: #00568c;">YouTube</spa= n></a><span style=3D"font-size: 10.0pt; color: #757575;"></span></p>

    </div>
    <div id=3D"tagline">
    <hr>
    <table style=3D"width: 100%;" border=3D"0" cellspacing=3D"0" cellpadding=3D=

    <tbody>

    <td style=3D"color: #757575; font-size: 10px; font-family: Arial;" width=3D= "89%">This email was sent to cisa@toolazy.synchro.net using GovDelivery Com= munications Cloud, on behalf of: Cybersecurity and Infrastructure Security = Agency =C2=B7 707 17th St, Suite 4000 =C2=B7 Denver, CO 80202</td>
    <td align=3D"right" width=3D"11%"><a href=3D"https://subscriberhelp.granicu= s.com/" target=3D"_blank" rel=3D"noopener"><img src=3D"https://content.govd= elivery.com/images/govd-logo-dark.png" border=3D"0" alt=3D"GovDelivery logo=
    " width=3D"115"></a></td>
    </tr>
    </tbody>
    </table>
    <style type=3D"text/css">body .abe-column-block { min-height: 5px; } table.= gd_combo_table img {margin-left:10px; margin-right:10px;} table.gd_combo_ta= ble div.govd_image_display img, table.gd_combo_table td.gd_combo_image_cell=
    img {margin-left:0px; margin-right:0px;}</style>

    </div>
    </td>
    </tr>
    </table>

    <img alt=3D"" src=3D"https://links-2.govdelivery.com/CI0/0101019c95b53222-6= 3f9c43f-9e9a-40cc-811e-13ab4a106673-000000/L-jAql9LNlzMHN5ENIzZuBTVD3lubenK= whr5_JQGQi4=3D446" style=3D"display: none; width: 1px; height: 1px;">
    </body>
    </html>

    --===============1731792185678271427==--

    --===============8856491512790867670==--