Eight previously unknown vulnerabilities have been found within SolarWinds' Access Rights Manager Tool (ARM). Among these, three have been classified as critical, posing a substantial threat to unpatched systems. The critical vulnerabilities are as follows:
In these cases, insufficient data validation in the 'createGlobalServerChannelInternal', 'OpenFile', and 'OpenClientUpdateFile' methods allows attackers to execute code at the highest Windows privilege level (SYSTEM). None of these three vulnerabilities requires prior authentication.
A fix for these vulnerabilities has been released in the form of ARM version 2023.2.1. There are other vulnerabilities that also impact ARM but are not as severe as those previously mentioned.
Avertium strongly recommends that all users upgrade to ARM version 2023.2.1 as soon as possible. It’s important to be proactive and protect your systems and data.
INDICATORS OF COMPROMISE (IoCs)
At this time, there are no known IoCs associated with the above vulnerabilities. Avertium remains vigilant in locating IoCs for our customers. Should any be located, Avertium will disclose them as soon as possible. For more information on how Avertium can help protect your organization, please reach out to your Avertium Service Delivery Manager or Account Executive.