A number of customers have asked us about whether the products they utilize from Esri have been affected by the SolarWinds Orion code compromise (Emergency Directive 21-01). Esri does not deploy SolarWinds Orion as part of our cloud-based offerings, including both ArcGIS Online and Esri Managed Cloud Services.
Esri does not include SolarWinds Orion as part of our on-premises offerings.
We recommend that any customers utilizing SolarWinds Orion to support their on-premises deployments of our products reference the latest Emergency Directive guidance from CISA concerning this issue to minimize risk to their deployment.
– Esri Software Security & Privacy Team
References:
Security Advisory | SolarWinds
cyber.dhs.gov – Emergency Directive 21-01
Article Discussion: