Security News > 2021 > July > SolarWinds patches critical Serv-U vulnerability exploited in the wild

SolarWinds patches critical Serv-U vulnerability exploited in the wild
2021-07-12 14:17

SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers.

"Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability," the company said in an advisory published on Friday.

"To the best of our understanding, no other SolarWinds products have been affected by this vulnerability. [.] SolarWinds is unaware of the identity of the potentially affected customers."

SolarWinds has addressed the security vulnerability reported by Microsoft with the release of Serv-U version 15.2.3 hotfix 2.

SolarWinds provides additional info on how to find if your environment was compromised during the attacks Microsoft reported.

In March, SolarWinds reported expenses of $3.5 million from last year's supply-chain attack, including costs related to remediation and incident investigation.


News URL

https://www.bleepingcomputer.com/news/security/solarwinds-patches-critical-serv-u-vulnerability-exploited-in-the-wild/

Related news

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215