SolarWinds patches critical flaws in Access Rights Manager
Take action: If you are using SolarWinds Access Rights Manager, check whether the system is reachable from the internet. If it is, patch as soon as possible. Otherwise, schedule the update for the next regular patch cycle, but do not skip it: there are too many critical flaws here for an attacker who finds an unpatched instance to leave it alone.
Learn More
SolarWinds has recently addressed eight critical vulnerabilities in its Access Rights Manager (ARM) software. ARM is an enterprise tool that helps administrators manage and audit access rights across their IT infrastructure, limiting the damage a compromised or over-privileged account can do.
Five of these are remote code execution (RCE) flaws that let attackers run code or commands on unpatched systems, in some cases with SYSTEM privileges, depending on which flaw is exploited.
Additionally, SolarWinds patched two critical directory traversal vulnerabilities, CVE-2024-23475 and CVE-2024-23472, which let unauthenticated users read sensitive information and, in the case of CVE-2024-23472, delete arbitrary files by escaping the directories the application is meant to confine them to.
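To make the directory-traversal class concrete, here is an added Python example. It is not SolarWinds code and makes no claim about how ARM's own endpoints are implemented: a hypothetical export read/delete helper joins an attacker-supplied filename onto a base directory, and a hardened version resolves the path and checks that it stays inside that directory. The directory layout and file contents are constructed sample data.

```python
import tempfile
from pathlib import Path

# Hypothetical helpers (added example, not SolarWinds/ARM code).
# They model a server-side "export" directory whose files a client may
# fetch or delete by name, which is the shape directory-traversal bugs take.


def setup_demo_root() -> Path:
    """Create a throwaway tree with one file inside and one outside the export dir (constructed sample data)."""
    root = Path(tempfile.mkdtemp(prefix="traversal-demo-"))
    (root / "exports").mkdir()
    (root / "exports" / "report.csv").write_text("user,rights\nalice,admin\n")
    # This file is NOT meant to be reachable through the export endpoint.
    (root / "secret.conf").write_text("db_password=hunter2\n")
    return root


def read_export_unsafe(root: Path, name: str) -> str:
    """Vulnerable: the user-supplied name is joined onto the base directory unchecked."""
    return (root / "exports" / name).read_text()


def delete_export_unsafe(root: Path, name: str) -> None:
    """Vulnerable: the same unchecked join, applied to deletion (arbitrary file delete)."""
    (root / "exports" / name).unlink()


def resolve_within(base: Path, name: str) -> Path:
    """Hardened: resolve the final path (collapsing '..' and following symlinks),
    then require it to be the base directory or one of its descendants."""
    base = base.resolve()
    target = (base / name).resolve()
    if target != base and base not in target.parents:
        raise PermissionError(f"path escapes export directory: {name!r}")
    return target


def read_export_safe(root: Path, name: str) -> str:
    return resolve_within(root / "exports", name).read_text()


def delete_export_safe(root: Path, name: str) -> None:
    resolve_within(root / "exports", name).unlink()


def demo() -> dict:
    """Run traversal attempts against both variants and report what happened."""
    root = setup_demo_root()
    results = {}
    traversal = "../secret.conf"          # walks one level up, out of exports/
    absolute = "/etc/hostname"            # an absolute name also replaces the base

    # Information disclosure: unsafe read leaks the secret, safe read refuses.
    results["unsafe_read_leaks_secret"] = "hunter2" in read_export_unsafe(root, traversal)
    try:
        read_export_safe(root, traversal)
        results["safe_read_blocked"] = False
    except PermissionError:
        results["safe_read_blocked"] = True
    try:
        resolve_within(root / "exports", absolute)
        results["safe_absolute_blocked"] = False
    except PermissionError:
        results["safe_absolute_blocked"] = True

    # A legitimate name still works through the hardened path.
    results["safe_read_ok"] = "alice" in read_export_safe(root, "report.csv")

    # Arbitrary file deletion: safe delete refuses, unsafe delete removes the file.
    try:
        delete_export_safe(root, traversal)
        results["safe_delete_blocked"] = False
    except PermissionError:
        results["safe_delete_blocked"] = True
    results["secret_survives_safe_delete"] = (root / "secret.conf").exists()
    delete_export_unsafe(root, traversal)
    results["unsafe_delete_removed_secret"] = not (root / "secret.conf").exists()
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The containment check must run on the resolved path, not on the raw string: rejecting the literal ".." is bypassable by encodings and symlinks, whereas comparing `resolve()` output against the base directory is not.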
Summary of vulnerabilities
- CVE-2024-23469 (CVSS score 9.6) - Remote Code Execution Flaw
- CVE-2024-23466 (CVSS score 9.6) - Directory Traversal Remote Code Execution
- CVE-2024-23467 (CVSS score 9.6) - Directory Traversal Remote Code Execution
- CVE-2024-28074 (CVSS score 9.6) - Internal Deserialization Remote Code Execution
- CVE-2024-23471 (CVSS score 9.6) - CreateFile Directory Traversal Remote Code Execution
- CVE-2024-23475 (CVSS score 9.6) - Directory Traversal and Information Disclosure
- CVE-2024-23472 (CVSS score 9.6) - Directory Traversal Arbitrary File Deletion and Information Disclosure
These vulnerabilities were fixed in the Access Rights Manager 2024.3 update. SolarWinds has not said whether proof-of-concept exploit code is publicly available or whether any of these flaws have been exploited in attacks.
Previously, SolarWinds patched critical flaws in Access Rights Manager in February 2024.