More Critical Problems With SolarWinds
The security company Trustwave has informed SolarWinds about three more critical vulnerabilities with their software. The most critical SolarWinds vulnerability allows remote code execution with high privileges of the company’s Orion platform, used for IT management. The other two vulnerabilities are exploitable by someone with local access to take control of the SOLARWINDS_ORION database, which could allow an attacker to steal data or add a new user with admin-level privileges.
Hackers invested a lot of effort to ensure their code was properly inserted and remained undetected, prioritising operational security to avoid revealing their presence to SolarWinds developers. SolarWinds has released a patch to fix the security flaws, and neither company found has yet evidence that hackers had exploited the vulnerabilities.
These findings raise new questions about security at SolarWinds, which provides information technology software to government agencies and most Fortune 500 corporations. The potential damage, had the flaws been exploited, is hard to quantify. Theoretically, however, it could have resulted in the exposure of consumer data to corporate and government secrets.
The SolarWinds hack first came to light in December when US cyber security firm FireEye said it had been breached by a “highly sophisticated” attack launched by a nation state with “top-tier offensive capabilities”. Nation-state hackers injected malicious code into software updates for Orion, which is used by organisations to monitor their computer networks for outages and problems.
Companies that installed the tainted Orion update unwittingly gave the hackers remote access to their networks, allowing them to steal information and possibly lay the groundwork for future attacks.
The US government has accused Russian hackers for the SolarWinds cyber attack. Also, Reuters said that Chinese hackers independently exploited a different flaw in SolarWinds products last year.
Trustwave: NBC: CRN: Verdict: Computer Weekly:
You Might Also Read:
Evidence Emerging About Cyber Attacks On US Government: