Security News > 2021 > February > SolarWinds patches critical vulnerabilities in the Orion platform
Even with the security updates prompted by the recent SolarWinds Orion supply-chain attack, researchers still found some glaring vulnerabilities affecting the platform, one of them allowing code execution with top privileges.
The vulnerabilities have been discovered and reported to SolarWinds by Martin Rakhmanov, Security Research Manager, SpiderLabs at Trustwave, and have proof-of-concept exploit code available.
The researcher did not publish the demo code with the report today to give users longer time to install the official patches from SolarWinds.
Analyzing a demo copy of the SolarWinds Orion software, Rakhmanov noticed that it uses the Microsoft Message Queue technology and started to poke around.
The researcher found the sensitive data in the SOLARWINDS ORION configuration file that could be read by locally authenticated users.
Trustwave's SpiderLabs started to disclose the vulnerabilities to SolarWinds on December 30, 2020, and by January 25, 2021, the software maker had rolled out patches for all of them.
News URL
Related news
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- SolarWinds left critical hardcoded credentials in its Web Help Desk product (source)
- Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) (source)
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)