www.solarwinds.com
Open in
urlscan Pro
2a02:26f0:120::5435:8c50
Public Scan
Submitted URL: https://www.solarwinds.com/securityadvisory
Effective URL: https://www.solarwinds.com/sa-overview/securityadvisory
Submission: On June 01 via manual from AE
Effective URL: https://www.solarwinds.com/sa-overview/securityadvisory
Submission: On June 01 via manual from AE
Form analysis
0 forms found in the DOMText Content
* SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our Cookie Policy. Continue * Government * Customer Portal * Partners * Events * Contact Us * English * Deutsch * Español * Français * 日本語 * 한국어 * Português * 中文 Toggle navigation English * Deutsch * Español * Français * 日本語 * 한국어 * Português * 中文 * Products * Network Management * Systems Management * Database Management * IT Security * IT Service Management * Application Management * Managed Service Providers * All Products Products * Network Performance Monitor * NetFlow Traffic Analyzer * Network Configuration Manager * IP Address Manager * User Device Tracker * VoIP & Network Quality Manager * Network Automation Manager * Log Analyzer * Network Topology Mapper * Engineer's Toolset * ipMonitor * Kiwi CatTools * Kiwi Syslog Server Bundles * Network Bandwidth Analyzer Pack * Log and Network Performance Pack * IP Control Bundle View All Network Management Products Unify log management and infrastructure performance with SolarWinds Log Analyzer. Aggregate. Search. Chart. Learn More Products * Server & Application Monitor * Virtualization Manager * Storage Resource Monitor * ipMonitor * Serv-U Managed File Transfer * Serv-U Secured FTP * Server Configuration Monitor * Log Analyzer * Access Rights Manager * Application Performance Monitoring * Web Performance Monitor * SolarWinds Backup Bundles * Systems Management Bundle * Server Performance & Configuration Bundle * Log and Systems Performance Pack * Application Performance Optimization Pack * IT Operations Manager View All Systems Management Products Easy-to-use system and application change monitoring with Server Configuration Monitor. Learn More Products * Database Performance Analyzer * Oracle * SQL Server * Azure SQL Database * Database Performance Monitor * PostgreSQL * MongoDB * MySQL * Redis View All Database Management Products Monitor your cloud-native Azure SQL databases with a cloud-native monitoring solution. Azure SQL performance monitoring simplifed. Learn More Products * Access Rights Manager * Security Event Manager (formerly Log & Event Manager) * Server Configuration Monitor * Patch Manager * Identity Monitor * Serv-U Managed File Transfer * Serv-U Secured FTP * Serv-U Gateway View All IT Security Products Help Reduce Insider Threat Risks with SolarWinds® Access Rights Manager Manage and Audit Access Rights across your Infrastructure. Learn More Products * Service Desk * Web Help Desk * ipMonitor * Desktop Management * Dameware Remote Everywhere * Dameware Remote Support * Dameware Mini Remote Control * Help Desk Essentials View All IT Service Management Products SolarWinds Service Desk is a 2020 TrustRadius Winner Service Desk is a winner in two categories: IT Asset Management and IT Service Management (ITSM) Products * AppOptics SaaS-based infrastructure and application performance monitoring, tracing, and custom metrics for hybrid and cloud-custom applications. * Server & Application Monitor Infrastructure and application performance monitoring for commercial off-the-shelf and SaaS applications; built on the SolarWinds® Orion® platform. * Loggly Fast and powerful hosted aggregation, analytics and visualization of terabytes of machine data across hybrid applications, cloud applications, and infrastructure. * Log Analyzer Monitoring and visualization of machine data from applications and infrastructure inside the firewall, extending the SolarWinds® Orion® platform. * Papertrail Real-time live tailing, searching, and troubleshooting for cloud applications and environments. * Pingdom Real user, and synthetic monitoring of web applications from outside the firewall. * Web Performance Monitor Web application performance monitoring from inside the firewall. View All Application Management Products AppOptics: Next-gen SaaS-based application performance & infrastructure monitoring. Accelerates the identification and getting to the root cause of application performance issues. Learn More Products * N-able N-central Automate what you need. Tackle complex networks. Built to help maximize efficiency and scale. * N-able Remote Monitoring & Management Get a comprehensive set of RMM tools to efficiently secure, maintain, and improve your clients’ IT systems. * N-able Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard. * N-able Mail Protection & Archiving Protect users from email threats and downtime. * N-able Password Management Easily adopt and demonstrate best practice password and documentation management workflows. * N-able PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency. * N-able Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful. View All Managed Service Provider Products Microsoft 365 + N-able. Manage more devices from one dashboard. Bringing together N-able RMM and Microsoft Intune management capabilities. Learn More * Solutions * CHALLENGE * Role * Technology * Remote Monitoring Solutions * Network Solutions * IT Security Solutions * Enterprise Solutions * MSP Solutions * Infrastructure Management Solutions * IT Asset Management * SolarWinds Orion Platform * Database Management * Application Performance Management * Compliance Solutions * Scalability Solutions * Software Defined Solutions * Customer Success * IT Automation Software * IT Cost Optimization * IT Agility * Education IT Solutions * Global System Integrators * Small Business Solutions Solutions * IT Operations Solutions * IT Help Desk Solutions * IT Service Desk Solutions * ITSM Solutions * ITIL Solutions * Enterprise Help Desk Solutions * Global System Integrators Solutions * Office 365 Solutions * Active Directory * Azure Cloud Solutions * Cisco Solutions * MySQL Solutions * Postgres Solutions * DigitalOcean Application Solutions * Azure SQL Solutions Solutions * Remote Monitoring Solutions * Remote Infrastructure Management Solutions * Secure Remote Access Solutions * Support Remote Workforce Solutions * Business Continuity Solutions * User Experience Monitoring Solutions * Support Renew Maintenance Renew to download the latest product features, get 24/7 tech support, and access to instructor-led training. * Renew Maintenance * Learn about Auto-Renewal Access the Success Center Find product guides, documentation, training, onboarding information, and support articles. * Access the Success Center * Orion Assistance Program * SmartStart Onboarding * Support Offerings Technical Support Submit a ticket for technical and product assistance, or get customer service help. * Americas: +1-512-682-9300 * EMEA: +353 21 5002900 * APAC: +61 2 8412 4900 * Submit a Ticket * Supported Versions * End of Life Policy Training & Certification Learn through self-study, instructor-led, and on-demand classes with the SolarWinds Academy. * SolarWinds Academy * SolarWinds Certified Professional Customer Portal Download the latest product versions and hotfixes. Manage your portal account and all your products. * Access the Customer Portal * Community THWACK Connect with more than 150,000+ community members. Get help, be heard by us and do your job better using our products. * View THWACK Orange Matter Get practical advice on managing IT infrastructure from up-and-coming industry voices and well-known tech leaders. * View Orange Matter LogicalRead Blog Into databases? Find articles, code and a community of database experts. * View LogicalRead Blog Secure by Design Resource Center Get the latest SolarWinds investigation updates, advice from leading cybersecurity experts we’re working with, and learn about our Secure by Design journey. * View Resources * FREE TRIALS * Contact Sales * Online Quote * * Products * Network Management * Network Performance Monitor * NetFlow Traffic Analyzer * Network Configuration Manager * IP Address Manager * User Device Tracker * VoIP & Network Quality Manager * Network Automation Manager * Log Analyzer * Network Topology Mapper * Engineer's Toolset * ipMonitor * Kiwi CatTools * Kiwi Syslog Server * Network Bandwidth Analyzer Pack * Log and Network Performance Pack * IP Control Bundle * Systems Management * Server & Application Monitor * Virtualization Manager * Storage Resource Monitor * ipMonitor * Serv-U Managed File Transfer * Serv-U Secured FTP * Server Configuration Monitor * Log Analyzer * Access Rights Manager * Application Performance Monitoring * Web Performance Monitor * SolarWinds Backup * Systems Management Bundle * Server Performance & Configuration Bundle * Log and Systems Performance Pack * Application Performance Optimization Pack * IT Operations Manager * Database Management * Database Performance Analyzer * Oracle * SQL Server * Azure SQL Database * MySQL * SAP ASE * MariaDB * DB2 * Amazon Aurora * Database Performance Monitor * PostgreSQL * MongoDB * MySQL * Redis * IT Security * Access Rights Manager * Security Event Manager * Server Configuration Monitor * Patch Manager * Identity Monitor * Serv-U Managed File Transfer * Serv-U Secured FTP * Serv-U Gateway * IT Service Management * Service Desk * Web Help Desk * ipMonitor * Desktop Management * Dameware Remote Everywhere * Dameware Remote Support * Dameware Mini Remote Control * Help Desk Essentials * Application Management * AppOptics * Server & Application Monitor * Loggly * Log Analyzer * Papertrail * Pingdom * Web Performance Monitor * Managed Service Providers * N-able N-central * N-able Remote Monitoring & Management * N-able Backup & Recovery * N-able Mail Protection & Archiving * N-able Password Management * N-able PSA & Ticketing * N-able Remote Support * Solutions * CHALLENGE * Network Solutions * IT Security Solutions * Enterprise Solutions * MSP Solutions * Infrastructure Management Solutions * IT Asset Management * SolarWinds Orion Platform * Database Management * Application Performance Management * Compliance Solutions * Scalability Solutions * Software Defined Solutions * Customer Success * IT Automation Software * IT Cost Optimization * IT Agility * Education IT Solutions * Global System Integrators * Small Business Solutions * Role * IT Operations Solutions * IT Help Desk Solutions * IT Service Desk Solutions * ITSM Solutions * ITIL Solutions * Enterprise Help Desk Solutions * Global System Integrators * Technology * Office 365 Solutions * Active Directory * Azure Cloud Solutions * Cisco Solutions * MySQL Solutions * Postgres Solutions * DigitalOcean Application Solutions * Azure SQL Solutions * Remote Monitoring * Remote Monitoring Solutions * Remote Infrastructure Management Solutions * Secure Remote Access Solutions * Support Remote Workforce Solutions * Business Continuity Solutions * User Experience Monitoring Solutions * Support * Renew Maintenance * Renew Maintenance * Learn about Auto-Renewal * Access the Success Center * Access the Success Center * Orion Assistance Program * SmartStart Onboarding * Support Offerings * Technical Support * Americas: +1-512-682-9300 * EMEA: +353 21 5002900 * APAC: +61 2 8412 4900 * Submit a Ticket * Supported Versions * End of Life Policy * Training & Certification * SolarWinds Academy * SolarWinds Certified Professional * Customer Portal * Access the Customer Portal * Community * THWACK * View THWACK * Orange Matter * View Orange Matter * LogicalRead Blog * View LogicalRead Blog * Secure by Design Resource Center * View Resources * FREE TRIALS * Contact Sales * Online Quote * View All Products View Free Tools SOLARWINDS SECURITY ADVISORY * Security Advisory * CERT Advisory * Security Advisory FAQ * CERT Upgrading Your Environment * New Digital Certificate Recent as of April 6, 2021, 9:00am CST This page covers the SolarWinds response to both SUNBURST and SUPERNOVA, and the steps we are taking in response to these incidents. * For information about SUNBURST, go here. * For information about SUPERNOVA, go here. * For information about our new digital code-signing certificate, go here. We continue to strive for transparency and keeping our customers informed to the extent possible as we cooperate with law enforcement and intelligence communities, and to the extent it is in the best interest of our customers. Like other software companies, we seek to responsibly disclose vulnerabilities in our products to our customers while also mitigating the risk that bad actors seek to exploit those vulnerabilities by releasing updates to our products that remediate these vulnerabilities before we disclose them. For the latest update on our investigation, please read this blog, and to learn more about the steps we’re taking to ensure the security and performance of the products we deliver, go here. You can also Subscribe to this RSS Feed to be notified when we update this page (note: you will need to cut and paste the "Subscribe to this RSS feed" URL into an RSS Feed Reader, e.g. Outlook's RSS Subscriptions, to monitor updates). A detailed Frequently Asked Questions (FAQ) page is available here, and we intend to update this page as we learn more information. ABOUT OUR NEW DIGITAL CODE-SIGNING CERTIFICATE As announced by SolarWinds President and CEO Sudhakar Ramakrishna in his Orange Matter blog, Our Plan for a Safer SolarWinds and Customer Community, we’re taking key steps to ensure the security and integrity of the software we deliver to customers. SolarWinds uses a digital code-signing certificate to digitally sign each software build, and to help end users authenticate the code comes from us. As part of our response to the SUNBURST vulnerability, the code-signing certificate used by SolarWinds to sign the affected software versions was revoked March 8, 2021. This is industry-standard best practice for software that has been compromised. We’ve obtained new digital code-signing certificates and have rebuilt the versions signed with the certificate to be revoked, have re-signed our code, and have re-released all of the products previously signed with the certificate to be revoked. To ensure the performance of your SolarWinds product(s), you must upgrade to these new builds. For full details on this part of our response to the SUNBURST vulnerability, please visit our SolarWinds New Digital Code-Signing Certificate page at solarwinds.com/trust-center/new-digital-certificate. ABOUT SUPERNOVA SUPERNOVA is malware that was deployed using a vulnerability in the Orion Platform, and after the Orion Platform had been installed. Based on our investigation to date: * SUPERNOVA is not malicious code embedded within the builds of our Orion® Platform as a supply chain attack. It is malware that is separately placed on a server that requires unauthorized access to a customer’s network and is designed to appear to be part of a SolarWinds product. * The SUPERNOVA malware consisted of two components. The first was a malicious, unsigned webshell .dll “app_web_logoimagehandler.ashx.b6031896.dll” specifically written to be used on the SolarWinds Orion Platform. The second is the utilization of a vulnerability in the Orion Platform to enable deployment of the malicious code. This vulnerability in the Orion Platform has been resolved in the latest updates. We constantly work to enhance the security of our products and to protect our customers and ourselves because hackers and other cybercriminals are always seeking new ways to find and attack their victims. We work closely with our customers to address and remediate any potential concerns, and we encourage all customers to run only supported versions of our products and to upgrade to the latest versions to the get the full benefit of our updates, improvements, and enhancements. ABOUT SUNBURST SolarWinds and our customers were the victims of a cyberattack to our systems that inserted a vulnerability (SUNBURST) within our Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 unpatched, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. This attack was a very sophisticated supply chain attack, which refers to a disruption in a standard process resulting in a compromised result with a goal of being able to attack subsequent users of the software. In this case, it appears that the code was intended to be used in a targeted way as its exploitation requires manual intervention. We’ve been advised that the nature of this attack indicates that it may have been conducted by an outside nation state, but SolarWinds has not verified the identity of the attacker. As our investigation has progressed, and as we’ve worked with CrowdStrike and KPMG, we’ve identified malware known as SUNSPOT, the highly sophisticated and novel code designed to inject the SUNBURST malicious code into the Orion Platform during the build process. SUNSPOT is not a new malware or attack, but instead a component of the SUNBURST cyberattack. Read more about SUNSPOT on the CrowdStrike blog here. While SUNSPOT is the means by which the attackers injected the SUNBURST backdoor during the build process of the Orion Platform, TEARDROP and RAINDROP are reportedly malware loaders that could be deployed as secondary tools using the SUNBURST backdoor. SUNSPOT, TEARDROP, and RAINDROP are NOT new vulnerabilities within our products as some reports in the media have indicated, but instead, they are elements of the SUNBURST attack chain. The Cybersecurity and Infrastructure Security Agency (CISA) Computer Emergency Readiness Team (CERT), part of the Department of Homeland Security (DHS), CERT issued Emergency Directive 21-01 on December 13, 2020 regarding this issue and has updated their guidance as part of our ongoing coordination with the agency. The latest information can be found on CISA’s Supply Chain Compromise page and continues to be updated as we learn more. We want to assure you we’ve removed the software builds known to be affected by the SUNBURST vulnerability from our download sites. While our investigations are ongoing, based on our investigations to date, we are not aware that this SUNBURST vulnerability affects other versions of Orion Platform products. Also, while we are still investigating our non-Orion products, we have not seen any evidence that they are impacted by the SUNBURST vulnerability. If you aren't sure which version of the Orion Platform you are using, see directions on how to check that here. To check which hotfix updates you have applied, please go here. Known affected products: Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1, including: Application Centric Monitor (ACM) Database Performance Analyzer Integration Module* (DPAIM*) Enterprise Operations Console (EOC) High Availability (HA) IP Address Manager (IPAM) Log Analyzer (LA) Network Automation Manager (NAM) Network Configuration Manager (NCM) Network Operations Manager (NOM) User Device Tracker (UDT) Network Performance Monitor (NPM) NetFlow Traffic Analyzer (NTA) Server & Application Monitor (SAM) Server Configuration Monitor (SCM) Storage Resource Monitor (SRM) Virtualization Manager (VMAN) VoIP & Network Quality Manager (VNQM) Web Performance Monitor (WPM) *NOTE: Please note DPAIM is an integration module and is not the same as Database Performance Analyzer (DPA), which we do not believe is affected. SolarWinds products NOT KNOWN TO BE AFFECTED by this security vulnerability: 8Man Access Rights Manager (ARM) AppOptics Backup Document Backup Profiler Backup Server Backup Workstation CatTools Dameware Mini Remote Control Dameware Patch Manager Dameware Remote Everywhere Dameware Remote Manager Database Performance Analyzer (DPA) Database Performance Monitor (DPM) DNSstuff Engineer’s Toolset Engineer's Web Toolset FailOver Engine Firewall Security Monitor Identity Monitor ipMonitor Kiwi CatTools Kiwi Log Viewer Kiwi Syslog Server LANSurveyor Librato Log & Event Manager (LEM) Log and Event Manager Workstation Edition Loggly Mobile Admin Network Topology Mapper (NTM) Papertrail Patch Manager Pingdom Pingdom Server Monitor Security Event Manager (SEM) Security Event Manager Workstation Edition Server Profiler Service Desk Serv-U FTP Server Serv-U Gateway Serv-U MFT Server Storage Manager Storage Profiler Threat Monitor Virtualization Profiler Web Help Desk SQL Sentry DB Sentry V Sentry Win Sentry BI Sentry SentryOne Document SentryOne Test Task Factory DBA xPress Plan Explorer APS Sentry DW Sentry SQL Sentry Essentials SentryOne Monitor BI xPress SolarWinds MSP Products: N-central – Probe N-central – Topology N-central – NetPath N-central NetPath – Server RMM Backup Disaster Recovery M365 Backup Backup Mail Assure SpamExperts MSP Manager PassPortal Take Control Patch Automation Manager Webprotection We have also found no evidence that any of our free tools, Orion agents, or Web Performance Monitor (WPM) Players are impacted by SUNBURST. RECOMMENDED ACTIONS SolarWinds uses a digital code-signing certificate to digitally sign each software build, and to help end users authenticate the code comes from us. As part of our response to the SUNBURST vulnerability, the code-signing certificate used by SolarWinds to sign the affected software versions was revoked March 8, 2021. This is industry-standard best practice for software that has been compromised. We’ve obtained new digital code-signing certificates and have rebuilt the affected versions, have re-signed our code, and have re-released all of the products previously signed with the certificate to be revoked. To ensure the performance of your SolarWinds product(s), you must upgrade to these new builds. If you’re unable to upgrade at this time, we have provided a script that customers can install to temporarily protect their environment against the SUPERNOVA malware***. The script is available at https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip. To take advantage of our latest available security updates protections for the products you have deployed, we recommend all active maintenance customers of Orion Platform products upgrade to version 2020.2.5 as soon as possible. For more information, review the Release Notes here, and KB article here. Customers on Orion Platform versions 2019.4.2 or 2020.2.4 have applied security enhancements designed to protect you from SUNBURST and SUPERNOVA. NOTE: If you reinstall, you need to re-apply the patch or hotfix. The latest updates designed to protect against SUNBURST and SUPERNOVA are as follows: * 2019.2 HF 4 (released February 5, 2021) * 2019.4.2 (released February 2, 2021) * 2020.2.4 (released January 25, 2021) * 2019.2 Security Patch (released December 23, 2020) * 2018.4 Security Patch (released December 23, 2020) * 2018.2 Security Patch (released December 23, 2020) To identify the version of the Orion Platform software you are using, you can review the directions on how to check here or refer to the image below. To check which updates you have applied, please go here. From Orion Web Console All product versions are displayed in the footer of the Orion Web Console login page. See the example below of 2019.4 HF 4: We recommend taking the steps related to your use of your version of the SolarWinds Orion Platform per the table below: Orion Platform Version Known Affected by SUNBURST? Known Vulnerable to SUPERNOVA? Affected by Digital Certificate Revocation Recommended Action Direct Link 2020.2.5 NO NO NO No action needed No action needed 2020.2.4 NO NO NO No action needed to protect against SUNBURST or SUPERNOVA; though SolarWinds recommends you upgrade to 2020.2.5 to address other, unrelated security vulnerabilities. More info is here. customerportal.solarwinds.com 2020.2.1 HF 2 NO NO YES Upgrade to 2020.2.5 customerportal.solarwinds.com 2020.2.1 HF 1 NO YES YES Upgrade to 2020.2.5 customerportal.solarwinds.com 2020.2.1 NO YES YES Upgrade to 2020.2.5 customerportal.solarwinds.com 2020.2 HF 1 YES YES YES Upgrade to 2020.2.5 customerportal.solarwinds.com 2020.2 YES YES YES Upgrade to 2020.2.5 customerportal.solarwinds.com 2019.4.2 NO NO NO No action needed No action needed 2019.4 HF 6 NO NO YES Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 HF 5 YES YES YES Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 HF 4 NO YES YES Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 HF 3 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 HF 2 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 HF 1 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.4 NO* YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.2 HF 3 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.2 HF 2 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.2 HF 1 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2019.2 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2018.4 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com 2018.2 NO YES NO Upgrade to 2020.2.5 OR upgrade to 2019.4.2 customerportal.solarwinds.com All prior versions NO YES NO Upgrade to 2020.2.5, apply temporary mitigation script, or discontinue use To upgrade, go to customerportal.solarwinds.com OR to apply temporary mitigation script*** go to https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip *As a part of the ongoing investigation, we have determined that Orion Platform version 2019.4 unpatched, released in October 2019, contained test modifications to the code base. While this version is not impacted by the SUNBURST vulnerability, it is the first version in which we have seen activity from the attacker at this time. Subsequent releases 2019.4 HF 1, 2019.4 HF 2, 2019.4 HF 3, and 2019.4 HF 4 did not include either test modifications contained in the 2019.4 version or the SUNBURST vulnerability contained in 2019.4 HF 5, 2020.2 with no hotfix and 2020.2 HF 1. ** If you apply a SUPERNOVA security patch per the above chart, please visit this KB article to validate the patch was applied to all Orion Platform web servers. If you reinstall your Orion server, you will need to reapply the respective patch. *** If you use the SUPERNOVA Mitigation Script to address the SUPERNOVA vulnerability, use the guidance in the document within that package to confirm the temporary patch. Please note that this script has only been tested down to NPM 11.x. If you reinstall your Orion server, you will need to reapply this script. All recommended upgrade versions are currently available at customerportal.solarwinds.com. All hotfix updates are cumulative and can be installed from any earlier version. There is no need to install previously released hotfix updates. You may need to synchronize your license prior to applying the hotfix. Please follow the steps here to kick off the synchronization of your license. If you have disabled outward communication from your Orion license, please follow the “Activate License Offline” section from here. Once you have successfully synched your license, please run the installer to install the hotfix. To provide additional security for your Orion Platform installation, please follow the guidelines available here for your Orion Platform instance. The primary mitigation steps include having your Orion Platform installed behind firewalls, disabling internet access for the Orion Platform, and limiting the ports and connections to only what is required to operate your platform. WHAT ARE WE DOING TO HELP? Our primary focus has been on helping our customers protect the security of their environments. Our commitment to our customers remains high, and we’ve introduced a new program designed to address the issues our customers face. We’ve developed a program to provide professional consulting resources experienced with the Orion Platform and products to assist customers who need guidance on or support upgrading to the latest hotfix updates. These consulting services will be provided at no charge to our active maintenance Orion Platform product customers. We want to make sure that customers working to secure their environments have the help and assistance they need from knowledgeable resources. Read more about the program here. We continue to work with leading security experts in our investigations to help further secure our products and internal systems. SUMMARY Security and trust in our software is the foundation of our commitment to our customers. We strive to implement and maintain appropriate administrative, physical, and technical safeguards, security processes, procedures, and standards designed to protect our customers. Our investigations and remediation efforts for the SUNBURST vulnerability are early and ongoing. Thank you for your continued patience and partnership. We are making regular updates to this Security Advisory page at solarwinds.com/securityadvisory, and we encourage you to refer to this page. We’re Geekbuilt.® Developed by network and systems engineers who know what it takes to manage today's dynamic IT environments, SolarWinds has a deep connection to the IT community. The result? IT management products that are effective, accessible, and easy to use. * * * * Company Investors EVENTS Career Center Security Advisory Resource Center Preference Center For Customers For Government GDPR Resource Center Legal Documents Privacy California Privacy Rights Security Information Documentation & Uninstall Information Trust Center © 2021 SolarWinds Worldwide, LLC. All rights reserved. Close {{STATIC CONTENT}} {{CAPTION_TITLE}} {{CAPTION_CONTENT}} {{TITLE}}