Tuesday, December 15, 2020
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for other clients as well (not limited to the U.S. government). SolarWinds has confirmed a cyberattack to its systems inserted a vulnerability within the SolarWinds® Orion® Platform software builds for versions 2019.4 HF
5, 2020.2 with no hotfix, and 2020.2 HF 1 (see the SolarWinds Advisory if unsure which version you use). If your organization uses these products, prompt action may be needed to identify and mitigate potential security implications. Some SolarWinds customers have already received notice directly from SolarWinds that the products their organization uses were not affected by the incident and no action is required. Otherwise, we recommend the following mitigation steps, along with review of the advisories from SolarWinds and FireEye ...
formatting link