SolarWinds Discloses Backdoor in its Orion Platform Software

On December 13, a flurry of media reports from Reuters, Washington Post, and Wall Street Journal linked an attack against U.S. Government agencies and cybersecurity firm FireEye to a flaw in a product from SolarWinds. Soon after these reports were shared, SolarWinds themselves published a security advisory about the incident.

SolarWinds confirmed earlier reporting that their Orion Platform software was compromised through a supply chain attack that led to malicious code being embedded inside one of its libraries. This malicious code served as a backdoor that gave attackers the ability to enter into organizations that use its Orion Platform software within their network.

Reporting so far indicates that the attackers were focused on leveraging this backdoor to gain entry into the public sector as well as some private organizations. However, because the investigation has just begun and the incident is still considered ongoing, we expect more information to become available in the coming days and weeks ahead.

For more information about the backdoor, including the availability of patches and Tenable product coverage, please visit our blog.