SolarWinds Access Rights tool critically vulnerable, exposed to remote takeover
Take action: If your SolarWinds ARM is exposed to the internet, PATCH NOW! If it's properly locked in an internal network, have a proper patch planning discussion and implement the patch systematically. Just don't ignore the vulnerabilities.
Multiple vulnerabilities are reported in SolarWinds Access Rights Manager (ARM), with three of them considered critical. ARM is a tool designed to help organizations manage and audit user access rights across their IT environments. These critical vulnerabilities could potentially allow remote attackers to execute code with SYSTEM privileges, which is the highest level of access on a Windows machine.
- CVE-2023-35182 (CVSS score 9.8): This vulnerability allows remote, unauthenticated attackers to execute arbitrary code in the context of SYSTEM. It occurs due to the deserialization of untrusted data in the 'createGlobalServerChannelInternal' method.
- CVE-2023-35185 (CVSS score 9.8): Similar to the previous vulnerability, this one also enables remote, unauthenticated attackers to execute arbitrary code as SYSTEM. It results from a lack of validation of user-supplied paths in the 'OpenFile' method.
- CVE-2023-35187 (CVSS score 9.8): This vulnerability allows remote, unauthenticated attackers to execute arbitrary code as SYSTEM, primarily because of a lack of validation of user-supplied paths in the 'OpenClientUpdateFile' method.
Exploiting these vulnerabilities effectively means that attackers can gain full control over all files on the victim's machine, as they would have SYSTEM-level privileges.
SolarWinds did not rate any of the security issues as critical: the highest severity rating the company assigned to these vulnerabilities is 8.8, which falls in the high-severity range. External security researchers, however, rated the three critical vulnerabilities higher (9.8) because of the potential impact they could have on affected systems.
In addition to these critical vulnerabilities, there are other high-severity issues in ARM. Attackers could potentially exploit these issues after authentication to escalate their privileges or execute arbitrary code on the compromised host.
SolarWinds has addressed these vulnerabilities by releasing a patch in version 2023.2.1 of its Access Rights Manager. Users are strongly advised to apply this patch as soon as possible to protect their systems from potential exploitation.