SolarWinds Confirms New Zero-Day Flaw Under Attack
Security responders at SolarWinds are scrambling to contain a new zero-day vulnerability being actively exploited in what is being described as "limited, targeted attacks."
In an advisory issued over the weekend, SolarWinds said a single threat actor exploited security flaws in its Serv-U Managed File Transfer and Serv-U Secure FTP products against "a limited, targeted set of customers."
The embattled company said the attacks were discovered by threat hunters at Microsoft who noticed live, in-the-wild attacks hitting a remote code execution flaw in the SolarWinds Serv-U product.
"Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability. SolarWinds is unaware of the identity of the potentially affected customers," the company said.
"While Microsoft's research indicates this vulnerability exploit involves a limited, targeted set of customers and a single threat actor, our joint teams have mobilized to address it quickly," SolarWinds added.
SolarWinds has shipped an urgent hotfix - available at the customer portal - to address the vulnerability, which affects Serv-U 15.2.3 HF1 and all prior Serv-U versions.