SolarWinds’ Attack – Exposed Orion Platforms Are Still Out There

SolarWinds’ Attack – Exposed Orion Platforms Are Still Out There


Share on linkedin
Share on facebook
Share on twitter

The SolarWinds supply chain attack is one of the most sophisticated cyber attacks the world has witnessed in recent years.

While this incident has been known for almost 3 weeks now, as of December 30th 2020 there were still 930 exposed services running SolarWind’s Orion Platform of which 61% were still running vulnerable unpatched Software versions.

The below chart illustrates the various unpatched software versions and the corresponding number of exposed Orion platforms discovered by Reposify’s Attack Surface Management platform.



SolarWinds’ Orion Platform includes 12 different modules which according to SolarWinds’ website deliver a “scalable infrastructure monitoring and management platform designed to simplify IT administration”.

By gaining access and control over these modules, attackers could have easily carried out various activities to enable easy access into your internal networks and/or leave backdoors that they can use at a later stage.


If so, there are various auditing steps which you must carry out as soon as possible to discover and remove any exposures or entry weak points that attackers might have created in your attack surface.

Special focus areas for examination should include:

  • Firewalls, Routers & Switches: Ensure configurations are meeting your policies.
  • Remote Access Services: Ensure your RDP panels are not exposed, VPN are patched and proper authentication and MFA are in place
  • Cloud Assets: ensure no assets are missing and verify that access management settings are properly configured


Not sure if your organization might have been affected by this attack?
Want to discover if any of your subsidiaries are using SolarWinds’ Orion platform?

Contact our cyber experts today to get a comprehensive analysis of your external attack surface to discover any unknown exposures, misconfigurations and vulnerabilities that attackers might be able to exploit.

Uncover My Exposures


New call-to-action

Reposify is an attack surface management platform delivering autonomous 24/7 discovery of exposed assets across all environments and the supply chain. Leading enterprises worldwide use Reposify to gain unparalleled visibility of their internet-facing assets and actionable security insights for eliminating shadow IT risks in real-time


Share on linkedin
Share on facebook
Share on twitter

Ready to discover your External Attack Surface?

Read Next

External Attack Surface Management for Red Teams

With real-time visibility into the external attack surface, Red Teams can know when new assets go online for dynamic security across complex cloud and IT infrastructures.

Gartner Recognized Reposify for its Innovative External Attack Surface Management Solution.

Gartner has named Reposify to its 2021 Emerging Vendors list in the external attack surface management (‘EASM’) security category.

The 4 Most Vulnerable Attack Surface Exposures in the Pharmaceutical Industry

Reposify's research team examined the security posture of leading pharmaceutical companies worldwide and found the industry's 4 most prevalent and vulnerable attack surface exposures.