ID CISA:7A92915240BFC202DB8A907010936455Type cisaReporter CISAModified 2020-12-14T00:00:00
Description
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020.
CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts.
We recently updated our anonymous product survey ; we'd welcome your feedback.
{"id": "CISA:7A92915240BFC202DB8A907010936455", "type": "cisa", "bulletinFamily": "info", "title": "Active Exploitation of SolarWinds Software", "description": "The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020.\n\nCISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye\u2019s GitHub page for detection countermeasures:\n\n * [SolarWinds Security Advisory](<https://www.solarwinds.com/securityadvisory>)\n * [FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor](<https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html>)\n * [FireEye GitHub page: Sunburst Countermeasures ](<https://github.com/fireeye/sunburst_countermeasures>) \n\n\nThis product is provided subject to this Notification and this [Privacy & Use](<https://www.dhs.gov/privacy-policy>) policy.\n\n**Please share your thoughts.**\n\nWe recently updated our anonymous [product survey](<https://surveymonkey.com/r/G8STDRY?product=https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software>); we'd welcome your feedback.\n", "published": "2020-12-13T00:00:00", "modified": "2020-12-14T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software", "reporter": "CISA", "references": ["https://www.solarwinds.com/securityadvisory", "https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html", "https://github.com/fireeye/sunburst_countermeasures"], "cvelist": [], "lastseen": "2020-12-18T18:06:26", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "fireeye", "idList": ["FIREEYE:7A3F3F8C2E97E0A23ED2DA85A84C99A8"]}], "modified": "2020-12-18T18:06:26", "rev": 2}, "score": {"value": 1.2, "vector": "NONE", "modified": "2020-12-18T18:06:26", "rev": 2}, "vulnersScore": 1.2}, "wildExploited": false}
{}
