Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover


October 20, 2023 at 04:34PM

Eight critical vulnerabilities have been discovered in SolarWinds’ Access Rights Manager Tool, exposing unpatched systems to potential privilege escalation by attackers. The vulnerabilities range from allowing remote code execution to performing local privilege escalation. A new ARM version, 2023.2.1, has been released to fix the vulnerabilities, and SolarWinds clients are advised to patch their systems immediately.

The SolarWinds Access Rights Manager Tool (ARM) contains eight vulnerabilities. Three are rated critical and the rest high severity. They could allow attackers to gain unauthorized access and execute arbitrary code, ultimately leading to a complete takeover of affected systems.

Two of the vulnerabilities (CVE-2023-35181 and CVE-2023-35183) allow unauthorized users to exploit local resources and incorrect folder permissions, resulting in local privilege escalation. These vulnerabilities have been rated as “High” severity.

Three other vulnerabilities (CVE-2023-35180, CVE-2023-35184, and CVE-2023-35186) have been rated as 8.8 out of 10 by Trend Micro. These vulnerabilities enable users to abuse a SolarWinds service or its ARM API to achieve remote code execution.

The most critical vulnerabilities, according to Trend Micro, are CVE-2023-35182, CVE-2023-35185, and CVE-2023-35187. Trend Micro gave these three a “critical” severity rating of 9.8, while SolarWinds assigned them ratings of 8.8. Exploiting them allows attackers to run arbitrary code at the highest privilege level (SYSTEM) on Windows machines. Unlike the other five vulnerabilities, these three do not require prior authentication for exploitation.

SolarWinds released a new version of ARM (version 2023.2.1) to the public on Wednesday, which resolves all eight vulnerabilities. SolarWinds clients are strongly advised to patch their systems immediately to mitigate the risks associated with these vulnerabilities.
