December 14, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020.
In response CISA has published an urgent Current Activity Alert "Active Exploitation of SolarWinds Software", which can be found at: https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software, and Emergency Directive 21-01, "Mitigate SolarWinds Orion Code Compromise", directed at Federal Civilian Agencies, further emphasizing the urgency of this Alert at: https://cyber.dhs.gov/ed/21-01/.
CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye's GitHub page for detection countermeasures:
We kindly request any questions, feedback, or related incidents related to this product be reported to CISA at Central@cisa.gov or 888-282-0870.
Stay Safe Stay Healthy. Defend Today Secure Tomorrow.
Sector Partnership
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Sector.Partnership@CISA.DHS.GOV
Cybersecurity and Infrastructure Security Agency
Department of Homeland Security
Sector.Partnership@CISA.DHS.GOV