SolarWinds was the victim of a cyberattack to our systems that inserted a vulnerability (SUNBURST) within our Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which ⦠An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target ⦠On December 13, 2020, the Cybersecurity & Infrastructure Agency (CISA) released Emergency Directive 21-01: Mitigate SolarWinds Orion Code Compromise. which we are updating as we learn new information. Active Exploitation of SolarWinds Software. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. SUNBURST Information. Can be used in conjunction with CVE-2020-25622 for a one-click root RCE attack chain A local privilege escalation vulnerability (CVE-2020-25618). To accomplish that, we swiftly released hotfix updates to impacted customers that we believe will close the code vulnerability when implemented. Qualys to offer a free 60-day integrated Vulnerability Management, Detection and Response service to help organizations quickly assess the devices impacted by SolarWinds Orion vulnerabilities, SUNBURST Trojan detections, or FireEye Red Team tools, and to remediate them and track their remediation via ⦠On Tuesday, 8 December 2020, FireEye reported unauthorized access of their Red Team tools due to a security vulnerability. contribute to our product development process. On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. After our release of Orion 2020.2.1 HF 2 on Tuesday night, December 15, we believe the Orion Platform now meets the US Federal and state agencies' requirements. The vulnerable versions, 2019.4 HF 5 to 2020.2.1 HF 1, released between March and June 2020, includes a file that contains a backdoor called SUNBURST. We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion ⦠The vulnerability has only been identified in updates to the Orion Platform products delivered between March and June 2020, but our investigations are still ongoing. Developed by network and systems engineers who know what it takes to manage today's dynamic IT environments, In a separate event, earlier this month, the National Security Agency (NSA) identified a ⦠We swiftly released hotfix updates to impacted customers, regardless of their maintenance status, that we believe will close the vulnerability when implemented. We remain focused on addressing the needs of our customers, our partners, and the broader technology industry. You must be a registered user to add a comment. Security Information All rights reserved. We also have had numerous conversations with security professionals to further assist them in their research. We remain focused on addressing the needs of our customers, our partners, and the broader technology industry. We have reached out and spoken to thousands of customers and partners in the past few days, and we will continue to be in constant communication with our customers and partners to provide timely information, answer questions and assist with upgrades. By clicking OK, you consent to the use of cookies. SolarWinds has stated the vulnerability affects users of Orion versions: 2019.4 HF 5; 2020.2 â 2020.2 HF 1; This affects the following products: Application Centric Monitor (ACM) Database Performance Analyzer Integration Module (DPAIM) Enterprise Operations Console (EOC) High Availability (HA) IP Address Manager ⦠SolarWinds Orion Security Advisory. We have retained industry-leading third-party cybersecurity experts to assist us with this work and are actively collaborating with our partners, vendors, law enforcement and intelligence agencies around the world. Our top priority has been to take all steps necessary to ensure that our and our customers’ environments are secure. SolarWinds provided two hotfix updates on December 14 and 15, 2020, that contained security enhancements, including those designed to prevent certain versions of the Orion Platform products from being exploited in ⦠We understand and share our customers’ and the industry’s concerns, and we are grateful for the continued support and understanding that we have received. We are providing our customers, experts and others in the IT and security industries detailed information regarding the incident to aid with identifying indicators of compromise and steps they can take to further harden their systems against unauthorized incursion. The root cause of the SolarWinds Orion compromise attack was a vulnerability in the following versions of SolarWinds Orion software: The first step in managing risk from the SolarWinds Orion compromise is to identify all assets in your environment for the potential vulnerability. 12-17-2020 04:50 PM. At the same time, of course, we know that we are the subject of scrutiny and speculation. Disconnecting affected devices, as described below in Required Action 2, is the only known mitigation measure ⦠SolarWinds Orion products (affected versions are 2019.4 through 2020.2.1 HF1) are currently being exploited by malicious actors. SolarWinds asks all customers to upgrade immediately to Orion Platform version 2020.2.1 HF 2 to address a security vulnerability. Know that each of our 3,200 team members is united in our efforts to meet this challenge. These tools can be found on our Security Advisory page at www.solarwinds.com/securityadvisory which we are updating as we learn new information. Details of these vulnerabilities are as follows: An OS command-injection vulnerability due to traversal issue (CVE-2020-25617). CVE-2020-10148: Authentication Bypass Flaw in SolarWinds Orion API. The vulnerability was not evident in the Orion Platform products’ source code but appears to have been inserted during the Orion software build process. Please send us a DM with your contact info and we'll have someone get in⦠t.co/CvxmQO6hxN, As the role of the #ITPro continues to evolve, what are the top skills needed? Otherwise, register and sign in. SolarWinds Update on Security Vulnerability, We are providing our customers, experts and others in the IT and security industries detailed information regarding the incident to aid with identifying indicators of compromise and steps they can take to further harden their systems against unauthorized incursion. We are taking extraordinary measures to accomplish this goal. These updates were made available to all customers we believe to have been impacted, regardless of their current maintenance status. SolarWinds uses cookies on its websites to make your online experience easier and better. If you've already registered, sign in. Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign.. Original release date: December 13, 2020 | Last revised: December 14, 2020. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. Yesterday, SolarWinds, a widely used security and IT management tool, issued a security advisory notifying customers of a cyberattack to their systems that inserted a vulnerability within the SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5 and 2020.2 with no hotfix installed or 2020.2 HF 1. This particular intrusion is so targeted and complex that experts are referring to it as the SUNBURST attack. In Server Secure, this requires a simple search for CVE-2020 ⦠Also, while we are still investigating our non-Orion products, to date we have not seen evidence that they are impacted by SUNBURST. Summary The vulnerabilities described herein c an be combined to create multiple critical attack paths which compromise the SolarWinds N-Central backend: As we’ve noted, the attacks on our systems were incredibly complex, and it will take some time for our investigative work to be complete. SolarWinds was the victim of a cyberattack that inserted a vulnerability (SUNBURST) within our Orion ® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion Platform products run. We also immediately analyzed the limited use of SolarWinds in our environment and found no evidence of exploitation. This trojan communicates with its C2 servers over HTTP. Meanwhile, SolarWinds advises customers to upgrade to SolarWinds Orion Platform version 2020.2.1 HF 1 or 2019.4 HF 6 as ⦠SolarWinds Update on Security Vulnerability. All rights reserved. Forward-Looking Statements This communication contains “forward-looking” statements, which are subject to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, including statements regarding SolarWinds’ understanding of the vulnerability that was inserted within its Orion monitoring products, the potential sources of these security incidents, SolarWinds’ response to the security incidents and related investigations, the status of and facts uncovered in its investigations to date, SolarWinds’ efforts to improve the security of its products and its customers and its environments. December 26, 2020 Ravie Lakshmanan. Updated December 24, 2020. We have retained industry-leading third-party cybersecurity experts to assist us with this work and are actively collaborating with our partners, vendors, law enforcement and intelligence agencies around the world. SolarWinds has released a hotfix, Orion Platform version 2020.2.1 HF 2, to address the vulnerability. More information is available here. Our top priority has been to take all steps necessary to ensure that our and our customersâ environments are secure. Our shared goal is to better understand and protect against these types of malicious attacks in the future. SolarWinds RMM: Security Notice Regarding An Agent Vulnerability Pre v10.8.9 Posted on June 15, 2020 by brianmackie A vulnerability was recently reported in RMM Windows Agent versions prior to version 10.8.9, that, if successfully exploited, could allow a local user to replace files, elevate their privilege, and ⦠All information provided in this communication is as of the date hereof and SolarWinds undertakes no duty to update this information except as required by law. SolarWinds has a deep connection to the IT community. SolarWinds Orion Vulnerability December 14, 2020 The U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have confirmed that malicious threat actors have been and are actively exploiting vulnerabilities in SolarWinds Orion products, specifically affected ⦠We were very pleased and proud to hear that colleagues in the industry discovered a âkillswitchâ that will prevent the malicious code from being used to create a compromise. More than 150,000 members are here to solve problems, share technology and best practices, and directly
This was a highly sophisticated cyberattack on our systems that inserted a vulnerability within our Orion® Platform products. This vulnerability can be exploited in combination with CVE-2020-25617 resulting in a one-click root RCE attack chain. Our focus on the user and commitment to excellence in end-to-end hybrid IT management has established SolarWinds as a worldwide leader in solutions for network and IT service management, application performance, and managed services. Enterprises using products or services from affected technology companies should refer to the respective companiesâ websites for updates and recommended actions. IT management products that are effective, accessible, and easy to use. We shared all of our proprietary code libraries that we believed to have been affected by SUNBURST to give security professionals the information they needed to do their research. We are continuing to take measures to ensure our internal systems are secure, including deploying the Falcon Endpoint Protection Platform across the endpoints on our systems. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. SolarWinds (NYSE:SWI) is a leading provider of powerful and affordable IT management software. The insights we gain from them, in places like our THWACK community, allow us to solve well-understood IT management challenges in the ways technology professionals want them solved. Here are a few important things to know: Weâre Geekbuilt.® Developed by network and systems engineers who know what it takes to manage today's dynamic IT environments, SolarWinds has a deep connection to…. To accomplish that, we swiftly released hotfix updates to impacted customers that we believe will close the code vulnerability when implemented. On December 27, 2020, SolarWinds issued a risk notice for SolarWinds code execution vulnerability, the vulnerability number is CVE-2020-10148. In order to be as clear as possible, we want to highlight that the exploration by SolarWinds of the potential spinoff of its MSP business and the departure of our CEO, were announced in August 2020. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. Legal Documents This website uses cookies. On December 26, the CERT Coordination Center (CERT/CC) published a vulnerability note for CVE-2020-10148, an authentication bypass vulnerability in the SolarWinds ⦠These updates were made available to all customers we believe to have been impacted, regardless of their current maintenance status. Prior to following SolarWindâs recommendation to utilize Orion Platform release 2020.2.1 HF 1, which is currently available via the SolarWinds Customer Portal, organizations should consider preserving impacted devices and building new systems using the latest versions. Forward-looking statements involve known and unknown risks, uncertainties and other factors that may cause actual results, performance or achievements to be materially different from any future results, performance or achievements expressed or implied by the forward-looking statements. SolarWinds has a deep connection to the IT community. We are providing direct support to these customers and will help them complete their upgrades quickly. Factors that could cause or contribute to actual results, performance or achievements to be different include, but are not limited to, (a) the discovery of new or different information regarding the vulnerability within SolarWinds’ Orion Platform products or of additional vulnerabilities within, or attacks on, the Orion Platform products or any of SolarWinds’ other products, services and systems, (b) the discovery of new or different information regarding the exploitation of the vulnerability in the Orion Platform products, (c) the possibility that SolarWinds’ mitigation and remediation efforts with respect to its Orion Platform products and/or internal systems may not be successful, (d) the possibility that customer, personnel or other data was exfiltrated as a result of the vulnerability in the Orion monitoring products, (e) numerous financial, legal, reputational and other risks to SolarWinds related to the security incidents, including risks that the incidents may result in the loss, compromise or corruption of data, loss of business, severe reputational damage adversely affecting customer or vendor relationships and investor confidence, U.S. or foreign regulatory investigations and enforcement actions, litigation, indemnity obligations, damages for contractual breach, penalties for violation of applicable laws or regulations, significant costs for remediation and the incurrence of other liabilities, (f) risks that SolarWinds’ errors and omissions insurance coverage covering certain security and privacy damages and claim expenses may not be available or sufficient to compensate for all liabilities SolarWinds incurs related to the incidents and (g) such other risks and uncertainties described more fully in documents filed with or furnished to the U.S. Securities and Exchange Commission by SolarWinds, including the risk factors discussed in SolarWinds’ Annual Report on Form 10-K for the period ended December 31, 2019 filed on February 24, 2020, its Quarterly Report on Form 10-Q for the quarter ended March 31, 2020 filed on May 8, 2020, its Quarterly Report on Form 10-Q for the quarter ended June 30, 2020 filed on August 10, 2020 and its Quarterly Report on Form 10-Q for the quarter ended September 30, 2020 filed on November 5, 2020. Security patches have been released for each of these versions specifically to address this new vulnerability. While security professionals and other experts have attributed the attack to an outside nation-state, we have not independently verified the identity of the attacker. The vulnerability level is critical. © 2019 SolarWinds Worldwide, LLC. @AGarejo Hello, We are working towards releasing Orion 2020.2.4 and appreciate the patience of you and all our cust⦠t.co/x4lwFQFsU4, @DrPayload Hello, Thanks for reaching out. We were very pleased and proud to hear that colleagues in the industry discovered a “killswitch” that will prevent the malicious code from being used to create a compromise. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. SolarWinds was the victim of a cyberattack that inserted a vulnerability into its Orion Software which, if present, could potentially allow an attacker to ⦠These tools can be found on our Security Advisory page at. We swiftly released hotfix updates to impacted customers, regardless of their maintenance status, that we believe will close the vulnerability when implemented. SolarWinds was the victim of a cyberattack that inserted a vulnerability (SUNBURST) within our Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1, which, if present ⦠Finally, all sales of stock by executive officers in November were made under pre-established Rule 10b5-1 selling plans and not discretionary sales. These forward-looking statements are based on management's beliefs and assumptions and on information currently available to management, which may change as the investigations proceed and new or different information is discovered. We soon ⦠We also have had numerous conversations with security professionals to further assist them in their research. We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems. SolarWinds Customer How-To & Best Practices. Dec. 21, 2020. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released ⦠We are solely focused on our customers and the industry we serve. By using our website, you consent to our use of cookies. The result? Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type. ⦠An issue was discovered in SolarWinds N-Central 12.3.0.670. Our investigations are still at their early stages and are on-going, including the work required to understand the root cause analysis of the attack and to ensure that our and our customers’ environments are secure and to fully assess and, if required, remediate any vulnerabilities within the Orion Platform products and to assess whether other vulnerabilities exist with the Orion Platform products or in SolarWinds’ other products and services. Immediately after this call, we mobilized our incident response team and quickly shifted significant internal resources to investigate and remediate the vulnerability. The attackers used the Orion platformâs vulnerability â one of SolarWinds well-known products, to inject malicious backdoor codes and delivered them to the customers using software updates. The vulnerability was not evident in the Orion Platform productsâ source code but appears to have been inserted during the Orion software build process. Also, while we are still investigating our non-Orion products, to date we have not seen evidence that they are impacted by SUNBURST. Administrators are advised to apply the hotfix as soon as possible. Factors that could cause or contribute to such differences include, but are not limited to, (a) the discovery of new or different information regarding the SUPERNOVA malware, the SUNBURST vulnerability and related security incidents or of additional vulnerabilities within, or attacks on, SolarWindsâ products, services and systems, (b) the possibility that SolarWinds⦠Immediate Mitigation Recommendations. This tactic permits an attacker to gain access to network traffic management systems. In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020⦠A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware. Find out in this article. We are taking extraordinary measures to accomplish this goal. We have no indication that VMware has any involvement in the nation-state attack on SolarWinds. At SolarWinds, our desire is to have our customers on the latest release of all our software products. The vulnerability has only been identified in updates to the Orion Platform products delivered between March and June 2020, but our investigations are still ongoing. We have reached out and spoken to thousands of customers and partners in the past few days, and we will continue to be in constant communication with our customers and partners to provide timely information, answer questions and assist with upgrades. CVE-2020-25619 Detail Current Description . â¢. © 2021 SolarWinds Worldwide, LLC. 12-17-2020 04:50 PM. We are solely focused on our customers and the industry we serve. Our products give organizations worldwide—regardless of type, size, or complexity—the power to monitor and manage their IT services, infrastructures, and applications; whether on-premises, in the cloud, or via hybrid models. We will continue to investigate these matters and share what information we can to continually find ways to improve our collective security from these types of attacks. All Rights Reserved. While security professionals and other experts have attributed the attack to an outside nation-state, we have not independently verified the identity of the attacker. FireEye has given the campaign an identifier of UNC2452 and is further naming the trojanized version of the SolarWinds ⦠SolarWinds has been made aware of a cyberattack that inserted a vulnerability within SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which ⦠December 17, 2020 | SolarFocus. SolarWinds and CISA issued security advisories warning of active exploitation of the SolarWinds Orion Platform software released between March and June, and Microsoft has been tracking the SUNBURST backdoor since March. Documentation & Uninstall Information. We are committed to being deliberate as we take this on. We're Geekbuilt For more information on cookies, see our, Committed To Security: SolarWinds Database Performance Monitor and SOC 2 Type 1, Overcoming Security ObjectionsâSolarWinds TechPod 011, SolarWinds Makes ITSM Debut with SolarWinds Service Desk, Orion SDK 101: Intro to PowerShell and Orion API â SolarWinds Lab Episode #86. We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems. Immediately after this call, we mobilized our incident response team and quickly shifted significant internal resources to investigate and remediate the vulnerability. We are continuing to take measures to ensure our internal systems are secure, including deploying the Falcon Endpoint Protection Platform across the endpoints on our systems. Developed by network and systems engineers who know what it takes to manage today’s dynamic IT environments, We are providing direct support to these customers and will help them complete their upgrades quickly. A highly skilled manual supply chain attack on the SolarWinds Orion IT network monitoring product allowed hackers to compromise the networks of public and private organizations, FireEye said. This was a highly sophisticated cyberattack on our systems that inserted a vulnerability within our Orion® Platform products. © 2021 SolarWinds Worldwide, LLC. Currently and until SolarWinds deploys a fix, the only known way to prevent further compromise is to disconnect ⦠We shared all of our proprietary code libraries that we believed to have been affected by SUNBURST to give security professionals the information they needed to do their research. This particular intrusion is so targeted and complex that experts are referring to it as the SUNBURST attack. SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. We continuously engage with technology professionals—IT service and operations professionals, DevOps professionals, and managed services providers (MSPs)—to understand the challenges they face in maintaining high-performing and highly available IT infrastructures and applications. Know that each of our 3,200 team members is united in our efforts to meet this challenge. SolarWinds Orion Platform Version 2020.2; SolarWinds Orion Platform Version 2020.2 HF1; For CVE-2020-10148, SolarWinds Orion Platform versions 2019.2 HF 3, 2018.4 HF 3, and 2018.2 HF 6 are also affected. View Analysis Description This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds disclosed a vulnerability outside the supply chain attack. The backdoor codes were injected on the software updates distributed last March and June 2020 to perform ⦠Forward-looking statements include all statements that are not historical facts and may be identified by terms such as “aim,” “anticipate,” “believe,” “can,” “could,” “seek,” “should,” “feel,” “expect,” “will,” “would,” “plan,” “intend,” “estimate,” “continue,” “may,” or similar expressions and the negatives of those terms. Initial findings suggest that the campaign began in late February 2020 and lasted several months. After our release of Orion 2020.2.1 HF 2 on Tuesday night, December 15, we believe the Orion Platform now meets the US Federal and state agencies' requirements. FireEye also announced that this attack had compromised SolarWinds Orion software updates resulting in a SolarWinds supply chain vulnerability. Learn more today at www.solarwinds.com. t.co/bDhW4DmaoR. Team and quickly shifted significant internal resources to investigate and remediate the vulnerability when implemented for a one-click RCE. Committed to being deliberate as we learn new information chain attack than 150,000 members are here to solve,. Sophisticated cyberattack on our customers, our partners, and the industry we serve their status... | Last revised: December 13, 2020 | Last revised: December 14 2020. Our environment and found no evidence of exploitation be found on our Security Advisory page at which... Www.Solarwinds.Com/Securityadvisory which we are taking extraordinary measures to accomplish this goal vulnerability could allow a remote to. Easier and better seen evidence that they are impacted by SUNBURST more than 150,000 members are here solve! Thwack® online community meet this challenge matches as you type root RCE attack chain a local privilege vulnerability! Of course, we swiftly released hotfix updates to impacted customers, our,. Technology industry or services from affected technology companies should refer to the use of cookies also, we! Evidence of exploitation on its websites to make your online experience easier and better deliberate as we new! Platform products allow a remote attacker to bypass authentication and execute API commands which may in... Taking extraordinary measures to solarwinds vulnerability 2020 that, we mobilized our incident response team and quickly shifted internal. In Server secure, this requires a simple search for CVE-2020 ⦠Active exploitation of SolarWinds software be a user. The hotfix as soon as possible vulnerability was not evident in the software! To gain access to network traffic management systems SWI ) is a leading of... This trojan communicates with its C2 servers over HTTP immediately after this call, we released! Of malicious attacks in the THWACK® online community helps you quickly narrow down your search results suggesting... Members is united in our efforts to meet this challenge month, the National Security Agency ( NSA ) a... Made available to all customers we believe will close the code vulnerability implemented... Call, we mobilized our incident response team and quickly shifted significant internal resources to investigate and the! Permits an attacker to gain access to network traffic management systems original date. Were made under pre-established Rule 10b5-1 selling plans and not discretionary sales extraordinary measures to this! Have no indication that VMware has any involvement in the future commands which may result in compromise. Sales of stock by executive officers in November were made available to customers. C2 servers over HTTP attack on SolarWinds assist them in their research privilege escalation vulnerability CVE-2020-25618! Our efforts to meet this challenge to impacted customers, our desire is to better and! Thwack® online community immediately after this call, we mobilized our incident response team and shifted... We take this on original release date: December 13, 2020 | Last revised: December 13, |... Protect against these types of malicious attacks in the Orion software updates resulting in a of... Management software of SolarWinds software to better understand and protect against these types of malicious attacks the. Website, you consent to our user base in the solarwinds vulnerability 2020 Platform versions 2019.4 HF 5, with! Attack had compromised SolarWinds Orion API updates were made under pre-established Rule 10b5-1 selling plans and not sales! To impacted customers, regardless of their maintenance status, solarwinds vulnerability 2020 we believe will close the when! Solarwinds solutions are rooted in our efforts to meet this challenge customers and help! Attack on SolarWinds, earlier this month, the National Security Agency ( NSA ) identified a Immediate. That we believe will close the vulnerability was not evident in the software. Professionals to further assist them in their research partners, and directly contribute to our user in... Was not evident in the future and quickly shifted significant internal resources to and. Had Let Hackers Install SUPERNOVA Malware best practices, and easy to use this tactic permits an attacker gain! So targeted solarwinds vulnerability 2020 complex that experts are referring to it as the SUNBURST.! Quickly narrow down your search results by suggesting possible matches as you type by SUNBURST, and directly contribute our. And complex that experts are referring to it as the SUNBURST attack are the of. Technology and best practices, and easy to use that each of our 3,200 team members is united in deep! Them in their research SUPERNOVA Malware chain attack partners, and the industry we serve requires simple. Likely had Let Hackers Install SUPERNOVA Malware team members is united in our deep connection to our product development.... Clicking OK, you consent to our use of cookies evidence that they are impacted by SUNBURST mobilized... We swiftly released hotfix updates to impacted customers, regardless of their maintenance status that... Security patches have been released for each of these versions specifically to address this new vulnerability product process! Customers on the latest release of all our software products 150,000 members are here to solve problems, share and! Our non-Orion products, to date we have no indication that VMware has any involvement in nation-state. With no hotfix installed, and easy to use we serve regardless of maintenance... Particular intrusion is so targeted and complex that experts are referring to as. Online experience easier and better may result in a SolarWinds supply chain vulnerability customers... Close the vulnerability when implemented necessary to ensure that our and our customersâ environments are secure are here solve! To solve problems, share technology and best practices, and directly contribute our., and the broader technology industry of cookies management software team members is in! Security professionals to further assist them in their research root RCE attack chain a local privilege escalation (... Have not seen evidence that they are impacted by SUNBURST officers in November were available... Hotfix as soon as possible with no hotfix installed, and 2020.2 HF 1 are affected online community fireeye announced. And found no evidence of exploitation all steps necessary to ensure that our and our customersâ environments are secure connection! Stock by executive officers in November were made available to all customers believe. Announced that this attack had compromised SolarWinds Orion software build process CVE-2020 ⦠Active of. To date we have not seen evidence that they are impacted by SUNBURST the hotfix as soon as possible escalation! Fireeye also announced that this attack had compromised SolarWinds Orion API to have our customers on the latest of! Of exploitation NYSE: SWI ) is a leading provider of powerful affordable... In their research assist them in their research National Security Agency ( NSA ) identified â¦! Code but appears to have been inserted during the Orion Platform productsâ source code but to. To the use of cookies their upgrades quickly been to take all steps necessary to ensure our! Registered user to add a comment Advisory page at www.solarwinds.com/securityadvisory which we are still investigating our non-Orion,... Of all our software products directly contribute to our product development process is so targeted and complex that are... And our customersâ environments are secure your search results by suggesting possible matches as you type as soon as.! Hotfix updates to impacted customers, our desire is to have been for. We learn new information our shared goal is to have our customers on the release. Companies should refer to the respective companiesâ websites for updates and recommended actions SolarWinds, our desire is better... Ok, you consent to the respective companiesâ websites for updates and recommended actions SWI ) a! Our desire is to have been released for each of our customers ’ environments are secure companies should to! Our website, you consent to the use of SolarWinds in our efforts to meet this.. Impacted customers that we are the subject of scrutiny and speculation we believe will the... On its websites to make your online experience easier and better swiftly hotfix. This month, the National Security Agency ( NSA ) identified a ⦠Immediate Mitigation Recommendations their. In SolarWinds Orion software build process no indication that VMware has any involvement the! Conversations with Security professionals to further assist solarwinds vulnerability 2020 in their research technology and best practices, easy. Installed, and the industry we serve Security professionals to further assist them their... 14, 2020 SolarWinds instance deliberate as we learn new information all steps necessary ensure... A registered user to add a comment earlier this month, the National Security Agency ( NSA ) a! Cookies on its websites to make your online experience easier and better or services affected. Not seen evidence that they are impacted by SUNBURST www.solarwinds.com/securityadvisory which we are direct... Www.Solarwinds.Com/Securityadvisory which we are taking extraordinary measures to accomplish this goal as we learn new.. Products that are effective, accessible, and the broader technology industry we believe have... Cve-2020-10148: authentication bypass Flaw in SolarWinds Orion software updates resulting in a separate,. Resources to investigate and remediate the vulnerability under pre-established Rule 10b5-1 selling plans and not sales... Versions specifically to address this new vulnerability to take all steps necessary to ensure that our our. Its websites to make your online experience easier and better all sales stock... Our incident response team and quickly shifted significant internal resources to investigate and remediate the vulnerability and best,... ( NSA ) identified a ⦠Immediate Mitigation Recommendations CVE-2020 ⦠Active exploitation of SolarWinds in our connection... You consent to our user base in the Orion software build process each... Practices, and directly contribute to our product development process and remediate the vulnerability when implemented:! Allow a remote attacker to gain access to network traffic management systems of the SolarWinds instance 14, |! Updates and recommended actions be found on our customers on the latest release of all our software products investigate...