SolarWinds Discloses Zero-Day Under Active AttackSolarWinds Discloses Zero-Day Under Active Attack
The company confirms this is a new vulnerability that is not related to the supply chain attack discovered in December 2020.
July 13, 2021
SolarWinds has issued an advisory confirming a new zero-day affecting its Serv-U Managed File Transfer and Serv-U Secured FTP products. It has developed a hotfix to address the flaw.
The remote code execution vulnerability exists in the latest Serv-U version 15.2.3 HF1 released on May 5, 2021, and all prior versions, the company reported in a weekend advisory. An attacker who successfully exploited the flaw could run arbitrary code with privileges; install programs; view, change, or delete data; or run programs on the affected systems.
SolarWinds learned of the vulnerability from Microsoft, which found attackers already using it.
"Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability," SolarWinds wrote in its advisory. It is unaware of the identity of the potentially affected customers, officials noted.
This vulnerability only affects Serv-U Managed File Transfer and Serv-U Secure FTP, officials noted, and it does not affect any other SolarWinds or N-able products. The company urges Serv-U users to install the hotfix and said it will publish additional details on the flaw after giving customers time to upgrade.
Read more in SolarWinds' full advisory.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023