Security News > 2021 > July > A New Critical SolarWinds Zero-Day Vulnerability Under Active Attack
The Texas-based company that became the epicenter of a massive supply chain attack late last year, has issued patches to contain a remote code execution flaw in its Serv-U managed file transfer service.
The fixes, which target Serv-U Managed File Transfer and Serv-U Secure FTP products, arrive after Microsoft notified the IT management and remote monitoring software maker that the flaw was being exploited in the wild.
"Microsoft has provided evidence of limited, targeted customer impact, though SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability," SolarWinds said in an advisory published Friday, adding it's "Unaware of the identity of the potentially affected customers."
Impacting Serv-U versions 15.2.3 HF1 and before, a successful exploitation of the shortcoming could enable an adversary to run arbitrary code on the infected system, including the ability to install malicious programs and view, change, or delete sensitive data.
Disabling SSH access on the Serv-U installation also prevents compromise.
The issue has been addressed in Serv-U version 15.2.3 hotfix 2.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/xeMawiqsar8/a-new-critical-solarwinds-zero-day.html
Related news
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Critical PostgreSQL bug tied to zero-day attack on US Treasury (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Zero-Day Vulnerability in Ivanti VPN (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)