By Raphael Satter
WASHINGTON (Reuters) – Software company SolarWinds says that unknown hackers exploited a previously unknown flaw in two of its programs to go after “a limited, targeted set of customers.”
The statement https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211, issued over the weekend, did not identify the hackers involved.
In a question-and-answer page appended to the statement, SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks by alleged Russian spies, a sprawling espionage operation that used the Texas-based software company as a springboard to break into target networks.
The page added that SolarWinds “is unaware of the identity of the potentially affected customers” caught up in the latest hacking campaign.
SolarWinds credited Microsoft Corp researchers for finding the bug. SolarWinds did not immediately return a Reuters request seeking comment on the announcement.
Microsoft declined to comment.
(Reporting by Raphael Satter; Editing by Sandra Maler)
