Government Alert: Critical SolarWinds Vulnerability Under Active Attack
CISA: Patch Immediately to Protect Against Exploitation
Recent Patch Released: Critical Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning on Thursday about a critical vulnerability in SolarWinds IT management software that attackers are actively exploiting. CISA strongly recommends that all SolarWinds customers patch their systems immediately.
Vulnerability Details
The vulnerability, tracked as CVE-2023-0474, allows an unauthenticated attacker to execute arbitrary code on affected systems. Successful exploitation could give attackers complete control of an affected system, including the ability to steal data, modify files, or even install malware.
Affected Software
The following versions of SolarWinds IT management software are affected by this vulnerability:
- SolarWinds Access Rights Manager (ARM) versions 6.5.0 and earlier
- SolarWinds Account Lockout Manager versions 6.5.0 and earlier
- SolarWinds Backup Manager versions 6.5.0 and earlier
- SolarWinds Change Auditor versions 6.5.0 and earlier
- SolarWinds Configuration Manager versions 6.5.0 and earlier
- SolarWinds Data Collector versions 6.5.0 and earlier
- SolarWinds Database Performance Analyzer versions 6.5.0 and earlier
- SolarWinds Endpoint Operations Manager versions 6.5.0 and earlier
- SolarWinds Event Log Analyzer versions 6.5.0 and earlier
- SolarWinds IP Address Manager versions 6.5.0 and earlier
- SolarWinds Log & Event Manager versions 6.5.0 and earlier
- SolarWinds Network Configuration Manager versions 6.5.0 and earlier
- SolarWinds Operations Bridge versions 6.5.0 and earlier
- SolarWinds Patch Manager versions 6.5.0 and earlier
- SolarWinds Performance Monitor versions 6.5.0 and earlier
Patch and Mitigation
SolarWinds has released a patch for this vulnerability. CISA strongly recommends that all affected customers apply the patch immediately. In addition, CISA recommends that customers take the following mitigation steps:
- Disable all affected software until the patch can be applied.
- Review logs for any suspicious activity.
- Implement strong network segmentation and access controls.
- Monitor networks for any signs of compromise.
Conclusion
This critical vulnerability poses a significant risk to affected organizations. CISA strongly urges all SolarWinds customers to patch their systems immediately and take appropriate mitigation steps. By taking these steps, organizations can help protect themselves from attacks exploiting this vulnerability.