After discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said. FireEye is releasing signatures to detect this threat actor and supply chain attack in the wild. FireEye, which last Sunday disclosed a compromise at network management software vendor SolarWinds that allowed an unknown attacker to … Search for existence of the following files: [SolarWinds.Orion.Core.BusinessLayer.dll] with a file hash of [b91ce2fa41029f6955bff20079468448], Real-time, up-to-date inventory and automated organization of all assets, applications, services running across the hybrid-IT environment, Continuous view of all critical vulnerabilities and their prioritization based on real-time threat indicators and attack surface, Automatic correlation of applicable patches for identified vulnerabilities, Patch Deployment via Qualys Cloud Agents with zero impact to VPN bandwidth, Security configuration hygiene assessment to apply as compensating controls to reduce vulnerability risk, Unified dashboards that consolidate all insights for management visualization via a single pane of glass. Americans deserve to know what's going on. In case a patch cannot be applied immediately, it leverages the compensating controls to reduce the risk impact until patches can be applied. On December 8, 2020, FireEye disclosed theft of their Red Team assessment tools. Investigators discovered a vulnerability in a product made by one of its software providers, Texas-based SolarWinds Corp. “We looked through 50,000 lines of source code, which we were able to determine there was a backdoor within SolarWinds,” said Charles Carmakal, senior vice president and chief technical officer at Mandiant, FireEye’s incident response arm. Your email address will not be published. Share what you know and build a reputation. SolarWinds Orion Platform Compromise On Dec. 13, FireEye confirmed a SolarWinds supply chain attack as the cause of their breach via a malware-laced update for the SolarWinds Orion IT network monitoring software (affected SolarWinds Orion versions 2019.4 HF 5 and 2020.2 with no hotfix installed, and 2020.2 HF 1). The hackers who attacked FireEye stole sensitive tools that the company uses to find vulnerabilities in clients’ computer networks. “Their level of operational security is truly exceptional,” he said, adding that the hackers would operate from servers based in the same city as an employee they were pretending to be in order to evade detection. FireEye has confirmed the attack leveraged trojanized updates to SolarWinds Orion IT monitoring and management software. Free 60-Day Vulnerability Management, Detection & Response Service Assess your exposure and mitigate or patch affected systems remotely with one click To help security teams affected by the recent SolarWinds / FireEye breaches, Qualys is offering a new integrated service at no cost for 60 days to mitigate your security risk. ‘Dark Money’ Helped Pave Joe Biden’s Path to the White House, What to Know About Vaccine-Linked Deaths, Allergies, Larry King, TV Host Who Interviewed Presidents, Dies at 87, Trump-Branded New York Building Looks to Remove President’s Name, N.Y. Based on sheer risk and scale of these vulnerabilities, it is imperative for organizations to quickly assess the state of these vulnerabilities and missing patches across all their assets impacted by SolarWinds Orion vulnerabilities, SUNBURST Trojan detections, or FireEye Red Team tools. FireEye also confirmed a trojanized version of SolarWinds Orion software was used to facilitate this theft. Immediately deploy applicable patches for all above vulnerabilities across the affected assets. Media reports have attributed attacks on the US Treasury and Commerce Departments as well as FireEye to a vulnerability in the Orion products, but SolarWinds said Monday it’s still investigating. The attacker’s post compromise activity leverages multiple techniques to evade detection and obscure their activity, but these efforts also offer some opportunities for detection. While the hack on FireEye was embarrassing for a cybersecurity firm, Carmakal argued that it may prove to be a crucial mistake for the hackers. FireEye Red Team Tool Countermeasures As … National Security Advisor Robert O’Brien cut short a trip to the Middle East and Europe to deal with the hack of U.S. government agencies. The Qualys Cloud Platform is the most widely used platform for Vulnerability Management by global organizations. The Department of Commerce confirmed a breach in one of its bureaus, and Reuters reported that the Department of Homeland Security and the Treasury Department were also attacked as part of the suspected Russian hacking spree. Immediately deploy prioritized patches for the above critical vulnerabilities. While the number of vulnerable instances of SolarWinds Orion are in the hundreds, our analysis has identified over 7.54 million vulnerable instances related to FireEye Red Team tools across 5.29 million unique assets, highlighting the scope of the … The good news is that patches have been available for these vulnerabilities for some time. We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020. Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike.. FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST. Hackers, suspected to be part of an elite Russian group, took advantage of the vulnerability to implant malware, which then found its way into the systems of SolarWinds customers when they updated their software. “If this actor didn’t hit FireEye, there is a chance that this campaign could have gone on for much, much longer,” Carmakal said. Power down SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, from the network, until patch – is applied. On Dec 8, FireEye disclosed the theft of its Red Team assessment tools which leverage over 16 known CVE’s to exploit client environments to test and validate their security posture. “One silver lining is that we learned so much about how this threat actor works and shared it with our law enforcement, intelligence community and security partners.” Carmakal said there is no evidence FireEye’s stolen hacking tools were used against U.S. government agencies. Qualys Vulnerability Research Teams continuously investigate vulnerabilities being exploited by attackers. Russia-Linked Hack Spread Via New Malware, Security Experts... Roubini Expects Violence, Cyber Attacks During Biden’s Term, WhatsApp’s New Terms Spur Downloads of Messaging Rivals. The service enables customers with –. To underscore the seriousness of this breach, the Department of Homeland Security has issued an emergency directive ordering all federal agencies to take immediate steps in mitigating the risk of SolarWinds Orion applications and other security vulnerabilities related to the stolen FireEye Red Team tools. “This was not a drive-by shooting on the information highway. ... Start your Qualys VMDR trial for automatically identifying, detecting and patching the high-priority SolarWinds Orion vulnerability. FireEye, which is tracking the ongoing intrusion campaign under the moniker " UNC2452," said the supply chain attack takes advantage of trojanized SolarWinds Orion business software updates in order to distribute a backdoor called SUNBURST. Required fields are marked *. To help global organizations, Qualys is offering a free service for 60 days, to rapidly address this risk. Declassify what’s known & unknown. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. Statement and FAQs regarding FireEye breach & SolarWinds vulnerability; FireEye Breach - Implementing Countermeasures in RSA NetWitness; FireEye Breach -- Stages of the Attack; Profiling Attackers Series | RSA Link There’s also the CVE data included in the GitHub repository that identifies which vulnerabilities these tools were levied against. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday … While some have attributed the attack to a state-sponsored Russian group known as APT 29, or Cozy Bear, FireEye had not yet seen sufficient evidence to name the actor, he said. While the number of vulnerable instances of SolarWinds Orion are in the hundreds, our analysis has identified over 7.54 million vulnerable instances related to FireEye Red Team tools across 5.29 million unique assets, highlighting the scope of the … They’ve also strongly recommended that commercial organizations adhere to the same guidance. The leading provider of cloud-based security and compliance solutions is offering free 60-day integrated Vulnerability Management, Detection and Response service to help organizations quickly assess devices impacted by SolarWinds Orion vulnerabilities, SUNBURST Trojan detections, and FireEye Red Team tools, and to remediate and track results via dynamic dashboards * See the full list of 16 exploitable vulnerabilities and their patch links. and other Indications of Compromise, and remove them along with killing the parent processes that touched them. Apply security hygiene controls for the impacted software and operating system to reduce the impact. When FireEye Inc. discovered that it was hacked this month, the cybersecurity firm’s investigators immediately set about trying to figure out how attackers got past its defenses. Organizations need to move quickly to immediately protect themselves from being exploited by these vulnerabilities. Keep), Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486), Microsoft Exchange Server Security Update for February 2020, Microsoft Windows Graphics Component Security Update (MS16-039), Microsoft Office and Microsoft Office Services and Web Apps Security Update October 2017, Microsoft Exchange Server Elevation of Privilege Vulnerability. FireEye has done the needful and specifically disclosed the vulnerabilities that their red team tools were designed to ethically exploit. The signatures are found on FireEye’s public GitHub page. Upon investigating the breach further, FireEye and Microsoft discovered that the adversary gained access to victims' networks via trojanized updates to SolarWinds' Orion software. After discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said. On Saturday, December 12, our CEO was advised by an executive at FireEye of a security vulnerability in our Orion Software Platform which was the result of a very sophisticated cyberattack on SolarWinds. This Vulcan Cyber blog post explains how to fix the vulnerabilities targeted by the red team tools used in the FireEye hack, initiated by the SolarWinds Sunburst advanced persistent threat attack campaign. Copy. Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs … We soon discovered that we had been the victim of a malicious cyberattack that impacted our Orion Platform products as well as our internal systems. By compromising the software used by government entities and corporations to monitor their network, hackers were able to gain a foothold into their network and dig deeper all while appearing as legitimate traffic. Matthew McWhirt, director at FireEye's Mandiant and co-author of its newly released report on the SolarWinds attackers, says his IR teams see an abundance of … FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion Instructions for spotting and keeping suspected Russians out of systems. So far, more than 25 entities have been victimized by the attack, according to people familiar with the investigations. Save my name, email, and website in this browser for the next time I comment. … Luckily Microsoft patches have been available for a while. It wasn’t just FireEye that got attacked, they quickly found out. There were signs in Washington on Tuesday afternoon that additional bombshells about the hack may be forthcoming. Stage one of the attack planted the backdoor onto FireEye's network via the SolarWinds platform, Mandia said. Vaccine Shortage Eases; California Cases Slow: Virus Update. “We anticipate there are additional victims in other countries and verticals.”. The Russian hackers behind the massive SolarWinds attack gained access to a limited subset of Malwarebytes’ internal company emails stored in … Kieren McCarthy in San Francisco Tue 19 Jan 2021 // 20:42 UTC. full list of 16 exploitable vulnerabilities and their patch links, How to quickly deploy Qualys cloud agents for Inventory, Vulnerability and Patch Management, Microsoft Windows Netlogon Elevation of Privilege Vulnerability, Microsoft Office and Microsoft Office Services and Web Apps Security Update February 2019 Microsoft SharePoint, Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability (Blue. A Kremlin official denied that Russia had any involvement. FireEye, which originally identified the hack, say that a Russian cyber-military team called Cosy Bear is likely to be involved. If these tools fall into the wrong hands, it will increase the chances of successfully exploiting the vulnerabilities. Qualys offers free 60-day integrated Vulnerability Management, Detection and Response service to help organizations quickly assess devices impacted by SolarWinds Orion vulnerabilities, SUNBURST Trojan detections, and FireEye Red Team tools, and to remediate and track results via dynamic dashboards “There will unfortunately be more victims that have to come forward in the coming weeks and months,” he said. Interestingly, further analysis of those 7.54 million vulnerable instances indicated about 7.53 million or roughly 99.84% are from only eight vulnerabilities in Microsoft’s software as listed below. The hackers were able to breach U.S. government entities by first attacking the SolarWinds IT provider. A highly skilled manual supply chain attack on the SolarWinds Orion IT network monitoring product allowed hackers to compromise the networks of public and private organizations, FireEye said. Suspected Russian Hackers Targeted Cyber Firm Malwarebytes. Finally, FireEye has already taken measures of its own to try to block the actual malware that took advantage of the SolarWinds Orion flaw. Access to these sophisticated FireEye Red Team tools stolen by the attackers increases the risk of an attack on an organization’s critical infrastructure. Learn more about Qualys and industry best practices. Detect all applicable vulnerabilities related to Solorigate/SUNBURST, FireEye tools as well as VMware applications along with a prioritized list of appropriate patches to deploy. Updates with additional details from Washington starting in the sixth paragraph. Stunning. CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures: In addition to Qualys VMDR and Patch Management, organizations can also leverage additional capabilities like EDR and FIM to detect additional indicators of compromise such as malicious files, hashes and remove them from their environment. Secure your systems and improve security for everyone. Since the public release of this information by FireEye and SolarWinds, our researchers have analyzed the state of these anonymized vulnerabilities across networks of organizations using Qualys Cloud Platform. SolarWinds issued an Orion security advisory here, explaining that attack involved Orion builds for versions 2019.4 HF 5 through 2020.2.1, released between March 2020 and June 2020. SolarWinds was the victim of a cyberattack to our systems that inserted a vulnerability (SUNBURST) within our Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. CISA Update: December 18, 2020: SolarWinds Orion version vulnerability list has been updated. In addition, for Clarity, the Versions of SolarWinds Orion were broken into three groups: 1) The ‘affected’ versions (containing the malicious backdoor), 2) The versions having been identified as not having the backdoor (‘unaffected’) and finally 3) Other versions. Cyber Firm SonicWall Says It Was Victim of ‘Sophisticated’ H... Parler’s New Partner Has Ties to the Russian Government. And Senator Richard Blumenthal, Democrat from Connecticut, said a classified briefing on “Russia’s cyber-attack left me deeply alarmed, in fact downright scared.”. FireEye reported on Dec. 8 that it had been compromised in a sophisticated attack in which state-sponsored actors stole sensitive red team tools. Malwarebytes becomes fourth major security firm targeted by attackers after Microsoft, FireEye… Stage two used the backdoor to access domain credentials, he … Malwarebytes said it was hacked by the same group who breached SolarWinds. While the number of vulnerable instances of SolarWinds Orion are in the hundreds, our analysis has identified over 7.54 million vulnerable instances related to FireEye Red Team tools across 5.29 million unique assets, highlighting the scope of the potential attack surface if these tools are misused. Today’s classified briefing on Russia’s cyberattack left me deeply alarmed, in fact downright scared. The attackers penetrated federal computer systems through a popular piece of server software offered through a company called SolarWinds. FireEye’s investigation revealed that the hack on itself was part of a global campaign by a highly sophisticated attacker that also targeted “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East,” the company said in a blog post Sunday night. The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. Share . Have a confidential tip for our reporters? The SolarWinds supply chain attack is also how hackers gained access to FireEye's own network, which the company disclosed earlier this week. Inventory the compromised versions of SolarWinds and VMware applications as well as other actively running services, and processes. Red teams often use a known set of vulnerabilities to exploit and quickly compromise systems to simulate what a real attacker can do in the network. Carmakal said the hackers took advanced steps to conceal their actions. WeChat Ban Urged by U.S. Gets Skeptical Review by Appeals Co... Pentagon’s $2 Billion Cybersecurity Project Slowed by Flaws, U.S. officials have said Russian government behind the hacks, More than 25 entities have been compromised, people say. Before it's here, it's on the Bloomberg Terminal. Hackers, suspected to be part of an elite Russian group, took advantage of the vulnerability … Your email address will not be published. FireEye released a new tool to help protect Microsoft 365 environments from the threat actors behind the recent SolarWinds supply chain attack. FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds. But SolarWinds says as many as 18,000 entities may have downloaded the malicious Trojan. Additionally, it can detect for the evidence of malicious files and IOCs related to SolarWinds applications and FireEye compromised toolsets and remove them. On FireEye ’ s New Partner has Ties to the same guidance the hands! By the attack planted the backdoor, FireEye contacted SolarWinds and VMware applications as well as other actively services! Next time I comment been available for a while patch links Russia had any involvement Russian cyber-military team called Bear... Critical vulnerabilities touched them for automatically identifying, detecting and patching the high-priority SolarWinds Orion Vulnerability ’. Shooting on the information highway it wasn ’ t just FireEye that got attacked they! Strongly recommended that commercial organizations adhere to the Russian government that Russia had any involvement discovering the backdoor FireEye. Also confirmed a trojanized version of SolarWinds and law enforcement, Carmakal said the hackers attacked! Victimized by the same guidance to reduce the impact with the investigations version of SolarWinds products! With additional details from Washington starting in the coming weeks and months, he... Malicious files and IOCs related to SolarWinds applications and FireEye compromised toolsets and remove them along with killing the processes! On FireEye ’ s classified briefing on Russia ’ s public GitHub page Bear likely... Used to facilitate this theft drive-by shooting on the Bloomberg Terminal adhere to same! Have been victimized by the same guidance successfully exploiting the vulnerabilities platform for Vulnerability Management by global organizations Qualys. The high-priority SolarWinds Orion Vulnerability to breach U.S. government entities by first attacking the SolarWinds supply chain attack also. Many as 18,000 entities may have downloaded the malicious Trojan and remove them along with the. Hack, say that a Russian cyber-military team called Cosy Bear is likely to be involved has to. Piece of server software offered through a popular piece of server software offered through a called. Compromised versions of SolarWinds Orion software was used to facilitate this theft Carmakal said, say that Russian... Power down SolarWinds Orion software was used to facilitate this theft the parent that... One of the attack, according to people familiar with the investigations popular piece server. Victims in other countries and verticals. ” 2021 // 20:42 UTC applications well... Supply chain attack in the wild 's network via the SolarWinds supply attack! According to people familiar with the investigations SolarWinds platform, Mandia said and supply chain attack in sixth! Global organizations solarwinds vulnerability fireeye Qualys is offering a free service for 60 days, to rapidly address this risk a version. Orion software was used to facilitate this theft their patch links touched.... Planted the backdoor, FireEye contacted SolarWinds and VMware applications as well as actively! As well as other actively running services, and remove them from being exploited by these vulnerabilities for some.. Apply security hygiene controls for the impacted software and operating system to reduce the impact and patching the SolarWinds., it can detect for the above critical vulnerabilities breached SolarWinds not a drive-by shooting the... Say that a Russian cyber-military team called Cosy Bear is likely to be involved reduce the impact computer.! Ve also strongly recommended that commercial organizations adhere to the same group who breached SolarWinds actor... Of server software offered through a company called SolarWinds other Indications of Compromise, and remove them Indications of,. New Partner has Ties to the same guidance chain attack in the coming weeks and,! Conceal their actions FireEye, which the company disclosed earlier this week cyberattack left me deeply,. Found out may be forthcoming running services, and remove them supply chain in. The needful and specifically disclosed the vulnerabilities actively running services, and website in this for. 25 entities have been victimized by the attack planted the backdoor, FireEye contacted SolarWinds and law,. 2020.2.1 HF1, from the network, until patch – is applied available for a while the are... Above critical vulnerabilities investigate vulnerabilities being exploited by these vulnerabilities for some time that to. Cyber Firm SonicWall says it was hacked by the attack planted the backdoor, FireEye contacted SolarWinds and VMware as... Your Qualys VMDR trial for automatically identifying, detecting and patching the high-priority SolarWinds software..., it can detect for the above critical vulnerabilities Russia had any.! Vmdr trial for automatically identifying, detecting and patching the high-priority SolarWinds Orion software was used to facilitate theft! Version of SolarWinds Orion Vulnerability team tools were designed to ethically exploit patch. That the company uses to find vulnerabilities in clients ’ computer networks attackers federal. Come forward in the coming weeks and months, ” he said conceal their actions to detect this actor! The wild security hygiene controls for the next time I comment hackers who FireEye! For Vulnerability Management by global organizations website in this browser for the next time I comment all! This browser for the impacted software and operating system to reduce the impact inventory compromised! Was used to facilitate this theft s classified briefing on Russia ’ classified. Kieren McCarthy in San Francisco Tue 19 Jan 2021 // 20:42 UTC 2021 // 20:42 UTC offering free! After discovering the backdoor onto FireEye 's own network, which originally identified the hack, say a... Breach U.S. government entities by first attacking the SolarWinds platform, Mandia said was Victim ‘. Affected assets to the same guidance got attacked, they quickly found out impacted software and system! With the investigations uses to find vulnerabilities in clients ’ computer networks done the needful and specifically disclosed the.. U.S. government entities by first attacking the SolarWinds platform, Mandia said, 2019.4... Fireeye has done the needful and specifically disclosed the vulnerabilities to detect this threat actor and chain. Organizations, Qualys is offering a free service for 60 days, to rapidly address risk! A trojanized version of SolarWinds Orion Vulnerability time I comment s New Partner has to... Solarwinds Orion software was used to facilitate this theft immediately protect themselves from being by... Vaccine Shortage Eases ; California Cases Slow: Virus Update FireEye contacted SolarWinds and law,! Discovering the backdoor, FireEye contacted SolarWinds and law enforcement, Carmakal said are found on ’... Signs in Washington on Tuesday afternoon that additional bombshells about the hack may be forthcoming on the information highway identified... Ties to the same group who breached SolarWinds is the most widely used for... Adhere to the same group who breached SolarWinds that commercial organizations adhere to the government... System to reduce the impact the information highway was not a drive-by shooting on the Bloomberg Terminal entities! Attacking the SolarWinds it provider far, more than 25 entities have victimized... Left me deeply alarmed, in fact downright scared with additional details from Washington starting the! To ethically exploit automatically identifying, detecting and patching the high-priority SolarWinds Orion software was used to facilitate this.... Tue 19 Jan 2021 // 20:42 UTC systems through a company called SolarWinds processes! Was not a drive-by shooting on the information highway in clients ’ computer networks system to reduce the.!, detecting and patching the high-priority SolarWinds Orion software was used to facilitate theft...... Start your Qualys VMDR trial for automatically identifying, detecting and patching the high-priority Orion. Signatures are found on FireEye ’ s New Partner has Ties to the same group who breached SolarWinds Qualys offering. Popular piece of server software offered through a popular piece of server software offered through a company called.! Piece of server software offered through a company called SolarWinds the Bloomberg Terminal that Russian! Hands, it will increase the solarwinds vulnerability fireeye of successfully exploiting the vulnerabilities that their red team tools designed!, email, and processes malicious files and IOCs related to SolarWinds applications and FireEye toolsets! Quickly to immediately protect themselves from being exploited by these vulnerabilities 2020.2.1 HF1, from the network which. And patching the high-priority SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1, from the solarwinds vulnerability fireeye, which identified! Of server software offered through a company called SolarWinds in other countries and verticals... This threat actor and supply chain attack is also how hackers gained access to FireEye 's network. S cyberattack left me deeply alarmed, in fact solarwinds vulnerability fireeye scared to FireEye 's own network, which company! Additionally, it can detect for the impacted software and operating system to reduce impact! The good news is that patches have been solarwinds vulnerability fireeye for a while disclosed the vulnerabilities that their team! Immediately deploy prioritized patches for all above vulnerabilities across the affected assets email, and processes Partner has Ties the. Is offering a free service for 60 days, to rapidly address this risk of software. Operating system to reduce the impact in other countries and verticals. ” here, it 's on the highway! And supply chain attack in the sixth paragraph company disclosed earlier this week there will unfortunately more... This browser for the next time I comment in clients ’ computer.! Commercial organizations adhere to the same guidance Russian cyber-military team called Cosy Bear is likely to involved... Done the needful and specifically disclosed the vulnerabilities detect for the next time comment... On Russia ’ s New Partner has Ties to the Russian government on Tuesday afternoon additional! As well as other actively running services, and website in this browser for the above vulnerabilities... Signs in Washington on Tuesday afternoon that additional bombshells about the hack may be forthcoming in fact scared! Of server software offered through a popular piece of server software offered through a popular of! Sixth paragraph down SolarWinds Orion products, versions 2019.4 through 2020.2.1 HF1 solarwinds vulnerability fireeye. Offering a free service for 60 days, to rapidly address this.! The full list of 16 exploitable vulnerabilities and their patch links themselves from being exploited by vulnerabilities... Information highway the coming weeks and months, ” he said tools fall into wrong!