Security researchers at Trend Micro Zero Day Initiative discovered multiple vulnerabilities impacting SolarWinds Access Rights Manager (ARM). Successful exploitation of the vulnerabilities may allow the attackers to perform remote code execution on target systems. CVE-2024-23476, CVE-2024-23479, and CVE-2023-40057 are given critical severity ratings and CVSS scores of 9.6, 9.6, and 9.0, respectively. CVE-2024-23477 and CVE-2024-23478 … Continue reading “SolarWinds Access Rights Manager (ARM) Multiple Vulnerabilities Allows Remote Code Execution”
Tag: SolarWinds
SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)
Three critical vulnerabilities were observed in SolarWinds products. All these severe bugs allow remote code execution with high privileges. At the time of this blog being published, there has been no active PoC in the wild. CVE-2021-25274 – MSMQ Remote Code Execution SolarWinds Collector Service uses MSMQ (Microsoft Message Queue), and it doesn’t set permissions … Continue reading “SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)”
SolarWinds Backdoor Supply Chain Attack
On December 8, 2020, FireEye disclosed the theft of their Red Team assessment tools. FireEye has confirmed that the attack leveraged trojanized updates to the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. Communications at U.S.Treasury and Commerce Departments were also compromised by a highly skilled manual supply chain … Continue reading “SolarWinds Backdoor Supply Chain Attack”