Published On: Jul 24, 2024 15:50
Advisory No: TZCERT-SA-24-0002
Source: SolarWinds
Software Affected: SolarWinds Access Rights Manager (ARM)
Critical vulnerabilities affect SolarWinds ARM. An attacker can leverage the vulnerabilities to execute remote arbitrary code on the affected device
SolarWinds Access Rights Manager (ARM) is vulnerable to three (3) critical vulnerabilities all with 9.6 CSVV scores and tracked as CVE-2024-23469, CVE-2024-23467, CVE-2024-23471. Successful exploitation of these vulnerabilities allows an unauthenticated user to perform remote code execution with SYSTEM privileges
Successful exploitation of these vulnerabilities may allow the attacker to take control of the affected system.
SolarWinds has released security patches for these vulnerabilities. Users and administrators are encouraged to apply necessary updates.
A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.