Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

SolarWinds addressed critical RCEs in Access Rights Manager (ARM)

SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs. SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in its Access Rights Manager (ARM) solution. Access Rights Manager (ARM) is a software solution designed to assist organizations in managing and monitoring access rights and permissions within their IT […]

SolarWinds SolarWinds Web Help Desk

SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs.

SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in its Access Rights Manager (ARM) solution.

Access Rights Manager (ARM) is a software solution designed to assist organizations in managing and monitoring access rights and permissions within their IT infrastructure. This type of tool is crucial for maintaining security, compliance, and efficient administration of user access to various resources, systems, and data.

Below is the list of flaws addressed by the company:

ADVISORYCVE IDSEVERITYRELEASE DATELAST UPDATEFIXED VERSION
SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution VulnerabilityCVE-2023-400579.0 Critical02/06/202402/06/2024SolarWinds Access Rights Manager (ARM) 2023.2.3
SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution VulnerabilityCVE-2024-234769.6 Critical02/06/202402/06/2024SolarWinds Access Rights Manager (ARM) 2023.2.3
SolarWinds Access Rights Manager (ARM) Traversal Remote Code Execution VulnerabilityCVE-2024-234777.9 High02/06/202402/06/2024SolarWinds Access Rights Manager (ARM) 2023.2.3
SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution VulnerabilityCVE-2024-234788.0 High02/06/202402/06/2024SolarWinds Access Rights Manager (ARM) 2023.2.3
SolarWinds Access Rights Manager (ARM) Traversal Remote Code Execution VulnerabilityCVE-2024-234799.6 Critical02/06/202402/06/2024SolarWinds Access Rights Manager (ARM) 2023.2.3
SQL Injection Remote Code Execution VulnerabilityCVE-2023-503958.0 High02/06/202402/06/2024SolarWinds Platform 2024.1
SQL Injection Remote Code Execution VulnerabilityCVE-2023-351888.0 High02/06/202402/06/2024SolarWinds Platform 2024.1

The three critical remote code execution flaws are:

  • CVE-2023-40057 (CVSS score 9.0): A deserialization of untrusted data issue. An authenticated user can exploit this vulnerability to abuse a SolarWinds service resulting in remote code execution.
  • CVE-2024-23479 (CVSS score 9.6): A Directory Traversal Remote Code Execution Vulnerability. An unauthenticated user can exploit this issue to achieve the Remote Code Execution.
  • CVE-2024-23476 (CVSS score 9.6) Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.

The company fixed the flaws with the release of Access Rights Manager 2023.2.3.

SolarWinds made the headlines in 2020, when Russia-linked APT group carried out a supply chain attack that compromised the Orion software provided by the company.

In a filing with US SEC, the company revealed that 18,000 customers might have been impacted by the cyber attack against its supply chain.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, SolarWinds)