SolarWinds ARM Flaw Let Attackers Execute Remote Code

SolarWinds has released their Access Rights Manager version 2023.2.3, in which several vulnerabilities associated with Deserialization and Directory Traversal leading to Remote code execution have been fixed. The CVEs of these vulnerabilities were assigned with

  • CVE-2023-40057 (Deserialization of Untrusted Data Remote Code Execution)
  • CVE-2023-23476 (Directory Traversal Remote Code Execution Vulnerability)
  • CVE-2023-23477 (Directory Traversal Remote Code Execution Vulnerability)
  • CVE-2023-23478 (Deserialization of Untrusted Data Remote Code Execution) and
  • CVE-2023-23479 (Directory Traversal Remote Code Execution Vulnerability).

The severity for these vulnerabilities ranges between 7.9 (High) and 9.6 (Critical). Several organizations use Access Rights Manager to gather reports about who has access to data and when the data was accessed.

However, SolarWinds has credited multiple security researchers for reporting these vulnerabilities.

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks .

SolarWinds ARM Flaw

Remote Code Execution in SolarWinds ARM : (CVE-2023-40057 and CVE-2024-23478)

These vulnerabilities existed in the SolarWinds Access Rights Manager, which allows an authenticated user to abuse a SolarWinds service that could result in remote code execution on the vulnerable instance. The severity for these vulnerabilities has been given as CVE-2023-40057 (9.0 – Critical) and CVE-2023-23478 (8.0 – High). 

There was no additional information about this vulnerability provided by SolarWinds nor evidence of exploitation in the wild. SolarWinds also thanked Trend Micro Zero Day Initiative (ZDI) for responsibly disclosing this vulnerability.

Directory Traversal Remote Code Execution Vulnerability: (CVE-2024-23476, CVE-2024-23477 and CVE-2024-23479)

These vulnerabilities existed in the SolarWinds Access Rights Manager that could allow an unauthenticated user to perform a remote code execution on the vulnerable instance. The severity for these vulnerabilities has been given as CVE-2024-23476 (9.6 – Critical), CVE-2024-23477 (7.9 – High), and CVE-2024-23479 (9.6 – Critical). 

Moreover, these vulnerabilities were credited to an Anonymous person working with Trend Micro Zero Day Initiative. However, there was no additional information about these vulnerabilities nor any evidence of exploitation of this vulnerability.

All of these vulnerabilities existed on SolarWinds Access Rights Manager 2023.2.2. SolarWinds urges all its users to upgrade to the latest version, 2023.2.3, to prevent these vulnerabilities from being exploited by threat actors.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Eswar

Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Recent Posts

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series of…

11 minutes ago

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers at…

33 minutes ago

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical vulnerabilities…

2 hours ago

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its…

3 hours ago

CISA Issues Alert on Actively Exploited Apache HTTP Server Escape Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly…

4 hours ago

Disney Hacker Admits Guilt After Stealing 1.1TB of Internal Data

A 25-year-old man from Santa Clarita, California, has agreed to plead guilty to hacking into…

4 hours ago