Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HSolarwinds Serv U
APPSolarwinds15.2.3< 15.2.3
CISA KEV — detailsi
- Vendori
- SolarWinds
- Producti
- Serv-U
- Added to KEVi
- November 3, 2021
- Remediation deadline (US Federal)i
- November 17, 2021(overdue)
- Ransomwarei
- Active ransomware campaigns exploit this vulnerability
Apply updates per vendor instructions.
SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.
Related vulnerabilities
Type confusion w SolarWinds Serv-U umożliwiający wykonanie kodu
IDOR w SolarWinds Serv-U umożliwia wykonanie kodu jako uprzywilejowane konto
Type confusion w SolarWinds Serv-U umożliwia RCE na uprzywilejowanym koncie
SolarWinds Serv-U: broken access control umożliwiający RCE jako administrator systemu
SolarWinds Serv-U — błąd logiczny umożliwiający wykonanie kodu przez admina