IT and Business Insights for SMB Solution Providers

CISA SolarWinds Orion Code Compromise Advisory

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of a vulnerability in SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, which was released between March 2020 through June 2020.

In response CISA has published an urgent Current Activity Alert “Active Exploitation of SolarWinds Software“ which can be found at: Emergency Directive 21-01, “Mitigate SolarWinds Orion Code Compromise,” directed at Federal Civilian Agencies, further emphasizing the urgency of this 


CISA encourages affected organizations to read the SolarWinds and FireEye advisories for more information and FireEye’s GitHub page for detection countermeasures:

SolarWinds Security Advisory

  • FireEye Advisory: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

  • FireEye GitHub page: Sunburst Countermeasures

We kindly request any questions, feedback, or related incidents related to this product be reported to CISA at [email protected] or 888-282-0870.

About the Author

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.