Exploitation of Vulnerability in SolarWinds Orion Platform

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020. As a result, CISA has issued Emergency Directive 21-01. CISA has also published an urgent Current Activity Alert “Active Exploitation of SolarWinds Software”.CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:

SolarWinds Security Advisory
FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor
FireEye GitHub page: Sunburst Countermeasures

Exploitation of Vulnerability in SolarWinds Orion Platform

APCO Store

PSConnect

Career Center

Buyer’s Guide

Public Safety Foundation of America