OCR is sharing an update with our listserv from the Cybersecurity and Infrastructure Security Agency (CISA), addressing an active exploitation of SolarWinds Orion Platform software versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, which could significantly compromise information systems: