At a glance:
| ID | 49692 |
| Created | Dec 21, 2020 |
| Updated | Feb 10, 2021 |
| Severity |
|
| Coverage |
IPS (Regular DB)
IPS (Extended DB)
|
| Default Action | drop |
| Active |
|
| Affected OS | Windows |
| Affected App | Other |
Legend
| Enabled/Available |
|
| Disabled/Not Avaliable | 
|
Update History
| Date | Version | Detail |
|---|---|---|
| 2020-12-22 | 16.984 | * |
| 2020-12-28 | 16.986 | Default_action:pass:drop |
| 2021-01-12 | 16.996 | *Sig Added |
| 2021-01-20 | 17.003 | *Sig Added |
| 2021-01-27 | 17.006 | *Sig Added |
| 2021-02-01 | 17.008 | *Sig Added |
| 2021-02-11 | 17.015 | *Sig Added |
Refine Search
Intrusion Prevention
SolarWinds.SUNBURST.Backdoor
Description
This indicates that SUNBURST Backdoor C2 communication was detected in the network.
Affected Products
SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
This signature's action can be set to "Block" to block this application.
Please use Anti-Virus software to scan and clean the system.
Also follow the latest advisory from the vendor.
https://www.solarwinds.com/securityadvisory