
Fixes for RCE Vulnerabilities in SolarWinds Enterprise Solutions


SolarWinds, whose Orion IT administration platform was compromised in 2020, has recently addressed security vulnerabilities in its Access Rights Manager (ARM) solution. ARM is a tool organizations use to manage and audit access rights across their IT infrastructure.

The vulnerabilities were privately reported by Trend Micro Zero Day Initiative (ZDI) researcher Piotr Bazydło and other anonymous researchers. There have been no reported cases of these vulnerabilities being exploited by attackers.

The fixed vulnerabilities in SolarWinds ARM include directory traversal flaws (CVE-2024-23476, CVE-2024-23479, and CVE-2024-23477) that could be exploited by unauthenticated attackers to achieve remote code execution (RCE). Additionally, there are deserialization of untrusted data bugs (CVE-2023-40057 and CVE-2024-23478) that can lead to remote code execution, but they require successful authentication before exploitation.

These vulnerabilities affect SolarWinds ARM v2023.2 and have been addressed in the latest version, v2023.2.3. Administrators are advised to upgrade to the fixed version, as there are no alternative mitigations or workarounds available.

In addition to ARM, SolarWinds has also upgraded its SolarWinds Platform (formerly SolarWinds Orion Platform) to version 2024.1. The new version includes new features and fixes for a slew of bugs, as well as fixes for two SQL injection vulnerabilities (CVE-2023-50395 and CVE-2023-35188) reported by Piotr Bazydło. These vulnerabilities may allow remote attackers to execute arbitrary code on affected installations of the SolarWinds Platform, but they require prior authentication.

The SQL injection vulnerabilities exist within the AppendCreatePrimary method and are caused by a lack of proper validation of a user-supplied string before using it to construct SQL queries.
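
An added example, not SolarWinds code and not part of the original article: the page does not show AppendCreatePrimary, so the hypothetical functions below only illustrate the defect class it names (a user-supplied string used to construct a SQL statement) and one defence for the case where that string is an identifier, which cannot be bound as a query parameter. SQLite, the sample schema and the names `unsafe_index_sql`, `quote_ident` and `safe_index_sql` are assumptions.

```python
import re
import sqlite3

# Conservative identifier grammar: leading letter/underscore, then word characters.
_IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,63}")


def unsafe_index_sql(table, column):
    """Flawed pattern: caller-supplied strings are pasted into the statement."""
    return f"CREATE UNIQUE INDEX pk_{table} ON {table} ({column})"


def quote_ident(name):
    """Identifiers cannot be bound as parameters, so validate, then quote."""
    if not isinstance(name, str) or not _IDENT.fullmatch(name):
        raise ValueError(f"rejected identifier: {name!r}")
    return f'"{name}"'


def safe_index_sql(conn, table, column):
    """Validate syntax, then confirm both names exist in the live schema."""
    q_table, q_column = quote_ident(table), quote_ident(column)
    found = conn.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (table,)
    ).fetchone()
    if found is None:
        raise ValueError(f"unknown table: {table!r}")
    columns = {r[0] for r in conn.execute("SELECT name FROM pragma_table_info(?)", (table,))}
    if column not in columns:
        raise ValueError(f"unknown column: {column!r}")
    return f"CREATE UNIQUE INDEX {quote_ident('pk_' + table)} ON {q_table} ({q_column})"


def demo():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (id INTEGER, name TEXT)")
    hostile = "id); DROP TABLE accounts; --"  # constructed sample input
    unsafe = unsafe_index_sql("accounts", hostile)  # built only, never executed
    try:
        safe_index_sql(conn, "accounts", hostile)
        rejected = False
    except ValueError:
        rejected = True
    conn.execute(safe_index_sql(conn, "accounts", "id"))
    indexes = [r[0] for r in conn.execute("SELECT name FROM sqlite_master WHERE type = 'index'")]
    return unsafe, rejected, indexes


if __name__ == "__main__":
    print(demo())
```

The unsafe builder returns text containing a second statement, while the validated builder rejects the same input before any SQL is assembled and still accepts a legitimate column name.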

Overall, SolarWinds has taken proactive measures to address security vulnerabilities in both its ARM and Platform solutions. Administrators are urged to upgrade to the latest fixed versions to ensure the security of their IT infrastructure. With the constant threat of cyber attacks, staying updated with security patches and fixes is critical in safeguarding sensitive data and systems.
