Skip Ribbon Commands
Skip to main content
Computer Emergency Response Team of Mauritius (CERT-MU)
Computer Emergency Response Team of Mauritius>SolarWinds Security Advisory

SolarWinds Security Advisory


SolarWinds has been made aware of a cyberattack to our systems that inserted a vulnerability within our SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. We have been advised that this incident was likely the result of a highly sophisticated, targeted, and manual supply chain attack by an outside nation state, but we have not independently verified the identity of the attacker.

First, the affected software builds are no longer available for download.

We recommend taking the following steps related to your use of the SolarWinds Orion Platform:

  •  SolarWinds asks customers with any of the below products listed as known affected for Orion Platform v2020.2 with no hotfix or 2020.2 HF 1 to upgrade to Orion Platform version 2020.2.1 HF 2 as soon as possible to ensure the security of your environment. This version is currently available here. 
  • SolarWinds asks customers with any of the below products listed as known affected for Orion Platform v2019.4 HF 5 to update to 2019.4 HF 6, which is available for download here.
  •   The hotfix release 2020.2.1 HF 2 is now available in the SolarWinds Customer Portal at customerportal.solarwinds.com. We recommend that all customers update to release 2020.2.1 HF 2, as the 2020.2.1 HF 2 release both replaces the compromised component and provides several additional security enhancements.
  •   You may need to synchronize your license prior to applying the hotfix. Please follow the steps here to kick off the synchronization of your license.

*If you have disabled outward communication from your Orion license, please follow the "Activate License Offline" section from here. Once you have successfully synched your license, please run the installer to install the hotfix.

Based on our investigation, we are not aware that this vulnerability affects other versions—including future versions—of Orion Platform products. We have scanned the code of all our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or our other products or agents contain those markers. As such, we are not aware that other versions of Orion Platform products have been impacted by this security vulnerability. Other non-Orion Platform products are also not known by us to be impacted by this security vulnerability.

References

SolarWinds

https://www.solarwinds.com/securityadvisory

Contact Information

E-mail: contact@cert.ncb.mu

Postal address

Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis