Security News > 2020 > December > The SolarWinds Perfect Storm: Default Password, Access Sales and More

The SolarWinds Perfect Storm: Default Password, Access Sales and More
2020-12-16 17:05

SECOND UPDATE. A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week.

"CISA has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however, these are still being investigated," it said in an updated bulletin on Thursday.

"One of the things that made SolarWinds an ideal target was the fact that the software would typically be given access to the full network to be able to do its job," Marcus Hartwig, manager of security analytics at Vectra, told Threatpost.

He explained, "So, targeting SolarWinds means getting instant access to the most valuable accounts on the network, which is the key step in any attack succeeding."

Security researcher Vinoth Kumar told Reuters that he discovered a hard-coded password for access to SolarWinds' update server last year - the very easy-to-guess "Solarwinds123."


News URL

https://threatpost.com/solarwinds-default-password-access-sales/162327/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 56 33 101 81 50 265