true

Third Party Vulnerability

SolarWinds

Background

BD is aware of and is actively monitoring recent cyberattacks against multiple U.S. government agencies, critical infrastructure entities, and private sector organizations.

According to an alert from the Cybersecurity and Infrastructure Agency (CISA), these events are part of a widespread cyberattack executed by an advanced persistent threat actor (APT) who exploited vulnerabilities in updates from SolarWinds Orion products, a network management software that helps companies monitor and manage their networks, systems, and information technology infrastructure.

Response

BD has confirmed that no BD offerings deployed at customer sites contain SolarWinds Orion products. BD will continue to provide any update regarding this vulnerability.

BD will continue to review guidance and take appropriate action as recommended by CISA, SolarWinds and FireEye.