The Cybersecurity and Infrastructure Security Agency has released an emergency directive directing all federal civilian agencies to mitigate a compromise that threat actors are exploiting in SolarWinds' (NYSE: SWI) Orion Network Management products.
CISA Acting Director Brandon Wales said in a statement published Sunday the vulnerability “poses unacceptable risks to the security of federal networks.”
“Tonight’s directive is intended to mitigate potential compromises within federal civilian networks, and we urge all our partners—in the public and private sectors—to assess their exposure to this compromise and to secure their networks against any exploitation,” Wales added.
According to the directive, an attacker uses the vulnerability to get access to network traffic management systems and agencies should immediately disconnect from their networks SolarWinds Orion products versions 2019.4 to 2020.2.1 HF1.
Agencies using SolarWinds products were advised to submit completion reports to CISA by Dec. 14, Monday.
“The Department of Homeland Security is aware of cyber breaches across the federal government and working closely with our partners in the public and private sector on the federal response,” Alexei Woltornist, assistant secretary for public affairs at DHS, said in a statement Monday.