SUPERNOVA Backdoor Found in SolarWinds

Dec 29, 2020 GMT+08:00

I. Overview

SolarWinds has recently released a security advisory with their response to SUPERNOVA, a publicly reported malware. SolarWinds Inc. is an American company that develops software for businesses to help manage their networks, systems, and information technology infrastructure. Orion, A SolarWinds product, is designed to provide monitoring and management for large enterprise-class infrastructures. Orion Platform has a vulnerability that allows attackers to deploy malicious code. Hackers have exploited this vulnerability to launch supply chain attacks.

If you are a SolarWinds user, check your system and implement timely security hardening.

References:

https://www.solarwinds.com/securityadvisory

II. Severity

Severity: important

(Severity: low, moderate, important, and critical)

III. Affected Products

Affected versions:

2020.2.1 HF 2 and versions earlier than 2019.4 HF 6

Secure versions:

2019.4 HF 6

2020.2.1 HF 2

2019.2 SUPERNOVA patch

2018.4 SUPERNOVA patch

2018.2 SUPERNOVA patch

IV. Vulnerability Handling

This vulnerability has been fixed in the later official versions. In addition, security patches of earlier versions are also provided. If you are an affected user, upgrade your system as soon as possible. You can find more information at the below link.

https://www.solarwinds.com/securityadvisory

Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.