Impact to Red Hat from recent SolarWinds Orion security disclosure aka "SUNBURST" (CVE-2020-14005 & CVE-2020-13169)

Environment

  • Red Hat products & services
  • Red Hat corporate assets and tooling

Issue

  • I’m concerned about how Red Hat products and services, and Red Hat the company, are impacted by the recent FireEye/SolarWinds Orion incident, aka SUNBURST.
  • Is Red Hat impacted by CVE-2020-14005 & CVE-2020-13169?
  • I've heard about malware related to SolarWinds (GoldFinder, Sibot, Sunshuttle, GoldMax, Sunburst, and Teardrop).

Resolution

At this time there is no known impact to Red Hat products, services, customer data, or corporate assets. Red Hat does not repackage, distribute, or internally use any components of the SolarWinds Orion toolset.

Root Cause

IT management vendor SolarWinds experienced a security incident, as detailed in a security advisory and in a CISA advisory. Details about CVE-2020-14005 & CVE-2020-13169 can be found on the MITRE CVE site.

Red Hat Product Security and Information Security continue to monitor the situation and will re-evaluate as new evidence is presented that could alter our current status.
