Hello, Guest!

Cybersecurity

Healthcare Sector Urged to Patch SolarWinds Vulnerabilities

Remote code execution

Healthcare Sector Urged to Patch SolarWinds Vulnerabilities

The Health Sector Cybersecurity Coordination Center within the Department of Health and Human Services has advised health organizations to patch their SolarWinds systems to address vulnerabilities in the Access Rights Manager software.

SolarWinds has released security fixes for eight vulnerabilities, including three system issues deemed critical because they could enable hackers to perform remote code execution to obtain top-level system privileges. 

According to HC3, the health sector must prioritize mitigating the vulnerabilities, citing a 2020 cyber incident that compromised SolarWinds’ Orion IT monitoring software and impacted nearly 100 organizations in the public and private sectors, HealthITSecurity reported.

HC3 noted that since SolarWinds is widely used, hackers could send malware to customers disguised as legitimate software and cause serious damage. The HHS coordination center encouraged the health care sector to refer to SolarWinds’ guidance in upgrading the systems to the latest version.

The SolarWinds ARM software is designed for provisioning, deprovisioning, managing and auditing user access rights to systems, data and files. Its capabilities can support health care organizations in complying with the Health Insurance Portability and Accountability Act.

Potomac Officers Club Logo
Become a Potomac Officer Club Insider
Sign up for our weekly email & get exclusive event, and speaker updates, and find networking opportunities to connect with GovCon decision makers.

Category: Cybersecurity