SUMMARY
It has been widely reported that SolarWinds Orion systems have identified vulnerabilities disclosed on Sunday, Dec. 13. These vulnerabilities exploit update mechanisms of the SolarWinds system in order to distribute malware to SolarWinds’ clients.
FIRST UNITED’S RESPONSE
Please be assured First United Bank & Trust has a robust security program that includes active patching, thorough scanning, and quick resolution of any vulnerabilities and we take issues like this very seriously.
Upon learning of this issue, a vulnerability assessment was initiated to determine the scope and impact to any relevant First United systems. First United does not utilize the SolarWinds Orion UDT software, however any applicable 3rd party vendors are being investigated to determine if they may have been impacted. At this point in time, no information or system has been breached and no impact to customer data has been identified.
We continue to monitor vendors and any mitigations they may take and apply additional security patches as they become available. We are closely monitoring the situation as it develops and there are no known impacts at this time.
SolarWinds OVERVIEW
SolarWinds is a widely used security vendor with products that help organizations administer and monitor the health of their IT systems and networks.