SolarWinds Orion Vulnerabilities

by CIRT Team

The Department of Homeland Security Cybersecurity and Infrastructure
Security Agency (CISA) issued an Emergency Directive on December 13,
2020 in response to the compromise of the SolarWinds Orion product for
all federal civilian agencies. The directive calls for all organizations
to assess their exposure to the compromise and secure their networks
against exploitation.

The following SolarWinds Orion versions are affected:

Orion Platform 2019.4 HF5, version 2019.4.5200.9083
Orion Platform 2020.2 RC1, version 2020.2.100.12219
Orion Platform 2020.2 RC2, version 2020.2.5200.12394
Orion Platform 2020.2, 2020.2 HF1, version 2020.2.5300.12432

CISA (US Cybersecurity and Infrastructure Security Agency) have issued
an alert (AA20-352A) to include additional Indicators of Compromise
(IoCs) and further mitigation advice.
For details information and detection countermeasures please visit
following URL’s

• https://us-cert.cisa.gov/ncas/alerts/aa20-352a
• https://www.solarwinds.com/securityadvisory
• https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html
• https://github.com/fireeye/sunburst_countermeasures

CIRT Team

Recommended Posts

Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers

08 Feb 2024 - Articles, English articles, Security Advisories & Alerts

বাংলাদেশের আইটি কাঠামোয় তথ্য চুরির ম্যালওয়ারের বিস্তার সম্পর্কে সতর্কতা

18 Jan 2024 - Articles, Bangla Articles, News, Security Advisories & Alerts

সাইবার থ্রেট এলার্টঃ বাংলাদেশকে লক্ষ্য করে চলমান ফিশিং ক্যাম্পেইন

04 Jan 2024 - News, Security Advisories & Alerts