#CVE202428991

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

by

September 17, 2024 at 01:15AM SolarWinds released fixes for two security flaws in its Access Rights Manager (ARM) software. The critical vulnerability (CVE-2024-28991) with a 9.0 CVSS score allows remote code execution. A medium-severity flaw (CVE-2024-28990) was also addressed. Security researcher Piotr Bazydlo discovered the flaws, and updates to ARM version 2024.3.1 are recommended to … Read more

SolarWinds Patches Critical Vulnerability in Access Rights Manager

by

September 16, 2024 at 05:27AM SolarWinds has released patches for two vulnerabilities in its Access Rights Manager, including a critical-severity bug (CVE-2024-28991) enabling remote code execution. A second issue (CVE-2024-28990) allows an attacker to access RabbitMQ management console. Both were resolved in version 2024.3.1 and users are advised to update installations promptly. No exploitation in … Read more