This threat report is about a recently discovered vulnerability found in the SolarWinds MSP patch management engine (PME). This vulnerability is noteworthy but has only been tested in a theoretical setting.
The security community has assigned the identifier CVE-2020-12608. There is a patch available that can be pulled down automatically via auto-update.
To exploit this SolarWinds MSP PME vulnerability, a bad actor would have to do the following:
While a vulnerability like this one may not be a concern for some organizational units, it’s highly encouraged to use tested update cycles to patch software flaws like this one.
Realistically speaking a highly motivated bad actor with a specific target in mind would have the motivation to take the time and effort to exploit CVE-2020-12608. Potential attackers such as nation-state-level actors, commonly referred to as advanced persistent threats (APT’s), would be capable of the level of sophistication to perform this attack type.
A bad actor taking advantage of this SolarWinds vulnerability could mean the following for you:
Avertium strongly encourages you to implement the software patch PME version 1.1.15 to preemptively mitigate this software flaw and utilize the most up-to-date cybersecurity measures to protect your patch management infrastructure.
Depending on the needs of the business, consider any serious long-term probing attempts on your assets to reveal a potential threat.
IBM X-Force Exchange: https://exchange.xforce.ibmcloud.com/vulnerabilities/181651
Note: The Avertium Threat Report analyzes one current threat that has been shared by threat intelligence networks across the globe. Used internally by the Avertium CyberOps Team, this report will outline a “top-of-mind” threat and how it ought to be addressed accordingly.
This informed analysis is based on the latest data available.
Contact us for more information about Avertium’s managed security service capabilities.
Deciding between running an in-house SOC vs. using managed security services to add more rigor, more relevance, and more responsiveness to your cybersecurity program? Compare the two options. Download the e-book!