Security advisories

Multiple SolarWinds Vulnerabilities Announced

February 3, 2021 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

On February 3rd, 2021, three new vulnerabilities affecting two SolarWinds products were disclosed. The SolarWinds Orion platform contains a remote code execution vulnerability (CVE-2021-25274) and an unsecured credentials vulnerability (CVE-2021-25275). The SolarWinds Serv-U FTP product contains a privilege escalation vulnerability (CVE-2021-25276). These vulnerabilities have not received criticality ratings at this time.

Security patches have been released to address all three vulnerabilities. It is highly recommended that organizations apply these patches as soon as possible. Proof-of-Concept exploit code will be made publicly available on February 9th, increasing the likelihood of public exploitation.

What we’re doing about it

What you should do about it

Additional information

Vulnerability Details:

To date, there is no indication that these vulnerabilities have been exploited in the wild. This assessment is likely to change as technical details and proof-of-concept code is released.

In an unrelated release, that the National Finance Center (NFC), a U.S. Department of Agriculture (USDA) federal payroll agency, was breached via a previously unreported vulnerability in the SolarWinds Orion platform. A security patch that addresses this vulnerability was released by SolarWinds in December 2020.

References:

[1] https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/

[2] https://www.reuters.com/article/us-cyber-solarwinds-china/exclusive-suspected-chinese-hackers-used-solarwinds-bug-to-spy-on-u-s-payroll-agency-sources-idUSKBN2A22K8

View Most Recent Advisories