SolarWinds Corp., the software program firm on the heart of an enormous cyberattack final 12 months, is warning some prospects that hackers have found and exploited a brand new vulnerability.
In a statement launched over the weekend, SolarWinds
warned customers of its Serv-U Managed File Switch Server and Serv-U Secured FTP to right away set up a hotfix to safe the vulnerability. If left unpatched, “An attacker may then set up packages; view, change, or delete knowledge; or run packages on the affected system,” the corporate stated.
Austin, Texas-based SolarWinds stated it was alerted to the hack by Microsoft Corp.
and that it entails “a restricted, focused set of consumers and a single menace actor.”
SolarWinds careworn that the vulnerability particularly targets its Serv-U merchandise: “To the perfect of our understanding, no different SolarWinds merchandise have been affected by this vulnerability.”
The corporate stated the most recent breach is “fully unrelated” to final 12 months’s large “Sunburst” cyberattack, which uncovered probably delicate knowledge at a number of federal agencies, together with the Treasury Department, and major companies, together with Intel Corp.
Cisco Techniques Inc.
and Nividia Corp.
SolarWinds stated it didn’t know which of its prospects have been focused within the newest cyberattack, nor does it have an estimate of what number of prospects had been affected.
Shares of SolarWinds fell practically 2% on Monday, giving up early features after the corporate predicted an upbeat second-quarter revenue outlook. The inventory is up 14% 12 months thus far, although down 2% over the previous 12 months.