Security News > 2020 > December > SolarWinds Says 18,000 Customers May Have Used Compromised Orion Product

SolarWinds Says 18,000 Customers May Have Used Compromised Orion Product
2020-12-14 19:28

SolarWinds' investigation into the recent attacks that leveraged its products to target government and private sector organizations revealed that 18,000 customers may have used the compromised products, the company said in a filing with the Securities and Exchange Commission on Monday.

The vendor says the attacker could have exploited the introduced vulnerability to compromise the server running the Orion product.

SolarWinds says it has notified roughly 33,000 Orion customers of the incident, but the firm believes that in reality "Fewer than 18,000" customers may have used the compromised version of its products.

The source code repository of the Orion products was apparently not compromised.

In its SEC filing, SolarWinds noted that it "Is still investigating whether, and to what extent, a vulnerability in the Orion products was successfully exploited in any of the" attacks reported by the media.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/MSQByDY4kD8/solarwinds-says-18000-customers-may-have-used-compromised-product

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 56 33 101 81 50 265