SolarWinds fixes critical RCE bugs in access rights audit solution

February 16, 2024 at 01:36PM

SolarWinds patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities allowing unauthenticated exploitation. Four flaws were found and reported by researchers. The company also fixed three other critical RCE bugs in October. SolarWinds was charged with defrauding investors by failing to notify them of cybersecurity defense issues before the 2020 hack.

The key takeaways are as follows:

1. SolarWinds has patched a total of five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities and two high-severity issues.

2. The critical flaws involve path traversal weaknesses and deserialization of untrusted data, and could allow unauthenticated attackers to gain code execution on unpatched systems.

3. The vulnerabilities were reported by researchers working with Trend Micro’s Zero Day Initiative (ZDI), and SolarWinds has released a new version, Access Rights Manager 2023.2.3, containing bug and security fixes.

4. There was a supply-chain attack on SolarWinds in March 2020, orchestrated by the Russian APT29 hacking group, which affected a significant number of high-profile organizations and government agencies.

5. In April 2021, the United States government formally accused the Russian Foreign Intelligence Service (SVR) of orchestrating the SolarWinds cyberattack, and in October, the U.S. Securities and Exchange Commission (SEC) charged SolarWinds with defrauding investors by allegedly failing to notify them of cybersecurity defense issues before the 2020 hack.
