In this post, we will summarize news on the SolarWinds hack from Trustwave’s perspective.

Feb 3, 2021 1

  • Published advisory detailing two previously-unknown, serious vulnerabilities in SolarWinds Orion. These vulnerabilities are not known to have been used by UNC2452
  • Documented significant vulnerability in SolarWinds product ServU-FTP

Feb 9, 2021 2

  • Demonstrated proof-of-concept code for all three new vulnerabilities found
  • Declared that UNC2452 and chinese threat actors have not been observed to exploit any of three vulnerabilities

References

  1. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/ 

  2. Overview of New Solarwinds Vulnerabilities Discovered by Trustwave SpiderLab