Patch this backdoor in SolarWinds Orion Platform so your company doesn’t get hacked like FireEye

Cybersecurity specialists reported a critical vulnerability in Orion Platform, the IT performance monitoring solution developed by tech company SolarWinds. According to the report, successful exploitation of this flaw would allow malicious hackers to install a backdoor in affected implementations.

The flaw has already been exploited in the wild through a supply chain attack, so the experts recommend carefully reading every detail related to this finding.

The experts stated that the vulnerability exists due to the presence of embedded malicious functionality in the application code, also known as a backdoor, that allows remote malicious hackers to gain unauthorized access to the vulnerable application. A similar attack could have been related to the incident affecting cybersecurity company FireEye last week.

The flaw received a score of 9.4/10 under the Common Vulnerability Scoring System (CVSS). So far, no CVE identifier has been associated with the report.

Below are the vulnerable versions of the Orion Platform software:

  • 2019.4 HF 5
  • 2020.2
  • 2020.2 HF 1
  • 2020.2.1

The experts confirmed this vulnerability can be exploited remotely by unauthenticated threat actors; all the attackers need to do is send a specially crafted request to the compromised system. As mentioned above, multiple cases of active exploitation have been detected.

To fully mitigate the risk of exploitation, users of affected implementations must install the official updates as soon as possible. Further details about the mitigation process can be found on SolarWinds' official platforms.