The discovery of this new vulnerability only added to the concerns around the software and SolarWinds as a company.
The SolarWinds Orion software had already been at the center of a massive supply chain attack in late 2020, where attackers had compromised the software and used it to distribute malware to thousands of customers. The vulnerability, named CVE-2021-25274, allowed attackers to execute remote code on a vulnerable system, potentially giving them access to sensitive data and control over the affected network. In March 2021, cybersecurity journalist Catalin Cimpanu broke the news of a new vulnerability in the SolarWinds Orion software that had been discovered by cybersecurity researchers.
0 kommentar(er)
