The Cybersecurity and Infrastructure Security Agency is directing agencies to address potential security vulnerabilities in widely used software management devices after the source code and customer data were recently accessed by nation-state hackers.