SolarWinds Full System Control Vulnerabilities (CVE-2021-25274, CVE-2021-25275, CVE-2021-25276)

Three critical vulnerabilities were observed in SolarWinds products. All of these severe bugs allow remote code execution with high privileges. At the time this blog was published, there was no active PoC in the wild. CVE-2021-25274 – MSMQ Remote Code Execution: SolarWinds Collector Service uses MSMQ (Microsoft Message Queue), and it doesn’t set permissions …

SolarWinds Backdoor Supply Chain Attack

On December 8, 2020, FireEye disclosed the theft of their Red Team assessment tools. FireEye has confirmed that the attack leveraged trojanized updates to the SolarWinds Orion platform, which is used by organizations to monitor and manage IT infrastructure. Communications at the U.S. Treasury and Commerce Departments were also compromised by a highly skilled manual supply chain …