Critical RCE bugs Found in SolarWinds Access Rights Manager (ARM)

Written by Mitchell Langley

February 19, 2024


SolarWinds has patched three critical remote code execution (RCE) vulnerabilities, along with two high-severity bugs, in its Access Rights Manager (ARM) product.

Access Rights Manager (ARM) is a software solution developed to aid organizations in effectively managing and overseeing access rights and permissions within their IT infrastructure.

This tool plays a vital role in upholding security, ensuring compliance, and facilitating streamlined administration of user access to diverse resources, systems, and data.

Details of the Critical RCE Bugs in the ARM

Three critical remote code execution flaws in Access Rights Manager (ARM) have been fixed. The vulnerabilities are:

  • CVE-2023-40057 (CVSS score 9.0): deserialization of untrusted data. An authenticated user can abuse this flaw to manipulate a SolarWinds service and achieve remote code execution.
  • CVE-2024-23479 (CVSS score 9.6): a directory traversal remote code execution vulnerability. An unauthenticated user can exploit it to achieve remote code execution.
  • CVE-2024-23476 (CVSS score 9.6): also a directory traversal remote code execution vulnerability, again exploitable by an unauthenticated user to achieve remote code execution.

All three flaws are fixed in Access Rights Manager version 2023.2.3. Because two of them need no authentication at all, the update should be applied promptly to keep attackers from gaining code execution on vulnerable ARM servers.
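The practical question for an administrator is whether a given ARM server is still below the fixed build. The PowerShell script below is an added example (not SolarWinds code) that reads the installed product version from the standard Windows Uninstall registry keys and compares it with 2023.2.3. It assumes ARM registers itself there with a DisplayName containing "Access Rights Manager"; if your installation registers under a different name, adjust the filter.

```powershell
# Added example: flag Access Rights Manager installs older than the fixed
# release 2023.2.3. Not SolarWinds code. Assumption: ARM appears under the
# standard Uninstall keys with a DisplayName containing "Access Rights Manager".

$FixedVersion = [version]'2023.2.3'
$UninstallKeys = @(
  'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
  'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Collect every uninstall entry whose DisplayName matches the product.
$arm = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
  Where-Object { $_.DisplayName -like '*Access Rights Manager*' }

if (-not $arm) {
  Write-Output 'Access Rights Manager not found in the Uninstall registry keys.'
  return
}

foreach ($entry in $arm) {
  # DisplayVersion may carry a suffix or a fourth component; keep only the
  # leading dotted numeric part so [version] can parse and compare it.
  $raw = [string]$entry.DisplayVersion
  if ($raw -match '^\d+(\.\d+){1,3}') {
    $installed = [version]$Matches[0]
  } else {
    Write-Output ("{0}: unparseable version '{1}', check manually" -f $entry.DisplayName, $raw)
    continue
  }

  if ($installed -lt $FixedVersion) {
    Write-Output ("VULNERABLE: {0} {1} is older than {2}; apply the 2023.2.3 update" -f `
      $entry.DisplayName, $installed, $FixedVersion)
  } else {
    Write-Output ("OK: {0} {1} is at or above {2}" -f `
      $entry.DisplayName, $installed, $FixedVersion)
  }
}
```

Run it in an elevated PowerShell session on each ARM server; the comparison uses the [version] type rather than string comparison so that, for example, 2023.2.10 is correctly treated as newer than 2023.2.3.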

SolarWinds also rated two further bugs, CVE-2024-23477 and CVE-2024-23478, as high severity. Both can likewise be used for remote code execution and are fixed in the same release, so they should be treated as part of the same patch priority.

SolarWinds successfully addressed and patched five flaws this week, with four of them being discovered and reported by anonymous researchers who collaborated with Trend Micro’s Zero Day Initiative (ZDI). The fifth flaw was found by ZDI vulnerability researcher Piotr Bazydło.

SolarWinds shipped the fixes in Access Rights Manager version 2023.2.3 on Thursday; the release also bundles other bug fixes and security improvements.

“These vulnerabilities were disclosed by Trend Micro’s Security Research Team, which collaborates with SolarWinds as part of our responsible disclosure program and our ongoing commitment to secure software development,” a SolarWinds spokesperson said.

“We have contacted customers to ensure they can take the steps to address these vulnerabilities by applying the patches we have released. Responsible disclosure of vulnerabilities is key to improving security within our products and the industry at large and we thank Trend Micro for their partnership.”

This is not the first such round for the product: in October 2023 SolarWinds fixed three other critical remote code execution (RCE) vulnerabilities in Access Rights Manager that could have let attackers execute code with SYSTEM privileges.
