Security researchers at Trend Micro Zero Day Initiative discovered multiple vulnerabilities impacting SolarWinds Access Rights Manager (ARM). Successful exploitation of the vulnerabilities may allow the attackers to perform remote code execution on target systems. CVE-2024-23476, CVE-2024-23479, and CVE-2023-40057 are given critical severity ratings and CVSS scores of 9.6, 9.6, and 9.0, respectively. CVE-2024-23477 and CVE-2024-23478 … Continue reading “SolarWinds Access Rights Manager (ARM) Multiple Vulnerabilities Allows Remote Code Execution”