Security News > 2020 > December > VMware, Cisco Reveal Impact of SolarWinds Incident
VMware and Cisco have shared information on the impact of the SolarWinds incident, and VMware has responded to reports that one of its products was exploited in the attack.
The NSA advisory on the exploitation of the VMware vulnerability also mentions SAML abuse and security blogger Brian Krebs reported learning from sources that the SolarWinds attackers also exploited the VMware flaw.
The NSA has not confirmed the connection, and VMware said in a statement published on Friday that it has not received any information on CVE 2020-4006 being "Exploited in conjunction with the SolarWinds supply chain compromise."
As for the cyber-spies behind the SolarWinds attack targeting its own systems, VMware admitted that it has identified some "Limited instances" of the compromised Orion software on its internal networks, but it has found no evidence of exploitation, and claimed that SolarWinds' own investigation to date has also not found any evidence of exploitation against VMware.
Cisco also confirmed last week that it identified the malicious software on "a small number of lab environments and a limited number of employee endpoints." The networking giant said it does not use SolarWinds solutions for monitoring or managing its enterprise network, and it had found no evidence that its offers or products were impacted, or that any customer data was exposed as a result of the incident.