Active Exploitation of SolarWinds Software | CISA
Published: 2020-12-14 · Archived: 2026-04-05 14:11:27 UTC
An official website of the United States government
Due to the lapse in federal funding, this website will not be actively managed.  Read More
no-cost Cyber ServicesSecure by design Secure Your BusinessShields UpReport A Cyber Issue 
Search
Spotlight
https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software
Page 1 of 2

Due to the lapse in federal funding, this website will not be actively managed.  Read More
no-cost Cyber ServicesSecure by design Secure Your BusinessShields UpReport A Cyber Issue 
Breadcrumb
1. Home
2. News & Events
3. Cybersecurity Advisories
4. Alert
5. Active Exploitation of SolarWinds Software
Archived Content
In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current
policy or programs.
Alert
Last Revised
December 14, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of SolarWinds Orion
Platform software versions 2019.4 HF 5 through 2020.2.1 HF 1, released between March 2020 and June 2020.
CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and
FireEye’s GitHub page for detection countermeasures:
SolarWinds Security Advisory
FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple
Global Victims With SUNBURST Backdoor
FireEye GitHub page: Sunburst Countermeasures 
This product is provided subject to this Notification and this Privacy & Use policy.
Please share your thoughts
We recently updated our anonymous product survey; we welcome your feedback.
Source: https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software
https://us-cert.cisa.gov/ncas/current-activity/2020/12/13/active-exploitation-solarwinds-software
Page 2 of 2