SolarWinds recently patched a critical severity vulnerability in its Access Rights Manager (ARM) program, which allowed threat actors to run malicious code remotely.
Access Rights Manager (ARM) is a piece of software designed to help organizations manage, monitor, and audit user access rights across their IT systems.
In a security advisory published earlier this week, SolarWinds said that ARM was vulnerable to a “deserialization of untrusted data remote code execution flaw,” which essentially means that the software was not validating user-supplied data properly. That data, if malicious, could be abused in cyberattacks.
Patch available
The bug is tracked as CVE-2024-28991, and has a severity rating of 9.0/10 (critical). It was first spotted by security researchers from Trend Micro’s Zero Day Initiative (ZDI), The Hacker News reports, who gave it a 9.9 severity rating. One of the reasons is because of poor authentication practices: “Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed,” the ZDI said.
If you are using ARM, you should make sure you’re running version 2024.3.1. SolarWinds says there is no evidence that the flaw is being abused in the wild, but is still advocating caution and advising users to patch without delay.
Although SolarWinds is a major IT services provider, popular among enterprises, it rose to infamy back in 2020 when an upcoming patch for one of its products was compromised by ransomware hackers. Unknowingly, the company pushed a tainted update to countless customers, compromising many of them in the process, and resulting in sensitive data being stolen from dozens of high-profile organizations.
Last year, the US Securities and Exchange Commission (SEC) decided to sue SolarWinds for the incident, claiming its executives knew about its security shortcomings. Instead of notifying investors and users, the lawsuit alleges, the execs kept the information for themselves and even tried to convince everyone of the opposite.
Via The Hacker News
More from TechRadar Pro
https://cdn.mos.cms.futurecdn.net/j5YMwZuuKnvAXLyKBEmDrb-1200-80.jpg
Source link
