SolarWinds – New Serv-U Remote Memory Escape Vulnerability
CVE-2021-35211
Sources
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211
Risks
A threat actor who successfully exploits this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system.
Description
A vulnerability has been found in Serv-U version 15.2.3 HF1 and all earlier versions. Serv-U is a server and application monitoring software published by SolarWinds. The security vulnerability affects the Serv-U Managed File Transfer Server and the Serv-U Secured FTP software components. A threat actor who successfully exploits this vulnerability could run arbitrary code with privileges.
A hotfix has been made available by SolarWinds (15.2.3 HF2) and will be included in all future software updates.
Recommended Actions
The CCB recommends that all system administrators immediately update vulnerable Serv-U instances to the most recent build available (at least 15.2.3 HF2).
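To find the instances this recommendation applies to, the following added example (not part of the advisory and not SolarWinds code) classifies Serv-U version strings from an asset inventory against the fixed build 15.2.3 HF2. The accepted spellings of the version string, the inventory format and the sample hosts are assumptions constructed for illustration.

```python
import re

# First fixed build named in the advisory: 15.2.3 HF2.
FIXED = ((15, 2, 3), 2)

# Assumed spellings: "15.2.3", "15.2.3 HF1", "15.2.3-hf2", "v15.2.3 HF 2".
_VERSION_RE = re.compile(
    r"^\s*v?(\d+(?:\.\d+){1,2})(?:[\s\-_]*hf[\s\-_]*(\d+))?\s*$", re.IGNORECASE
)

def parse_version(text):
    """Return ((major, minor, patch), hotfix) or None if unparseable."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    parts = tuple(int(p) for p in m.group(1).split("."))
    parts = (parts + (0, 0))[:3]  # pad "15.2" to (15, 2, 0)
    hotfix = int(m.group(2)) if m.group(2) else 0  # no HF suffix sorts first
    return parts, hotfix

def status(version_text):
    """Classify one version string: 'vulnerable', 'patched' or 'unknown'."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"  # never assume an unreadable version is safe
    return "patched" if parsed >= FIXED else "vulnerable"

def triage(inventory):
    """Return (host, version, status) rows, hosts needing action first."""
    order = {"vulnerable": 0, "unknown": 1, "patched": 2}
    rows = [(host, ver, status(ver)) for host, ver in inventory.items()]
    return sorted(rows, key=lambda r: (order[r[2]], r[0]))

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "ftp-01.example.internal": "15.2.3 HF1",
    "ftp-02.example.internal": "15.2.3 HF2",
    "mft-01.example.internal": "15.2.2",
    "mft-02.example.internal": "15.2.3-hf2",
    "sftp-old.example.internal": "unknown build",
}

if __name__ == "__main__":
    for host, ver, state in triage(SAMPLE_INVENTORY):
        print(f"{state:<10} {host:<28} {ver}")
```

Hosts reported as `unknown` need a manual version check; they are listed ahead of patched hosts so they are not mistaken for updated ones.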
References
https://therecord.media/microsoft-discovers-a-solarwinds-zero-day-exploited-in-the-wild/