Security News > 2024 > July > SolarWinds fixes 8 critical bugs in access rights audit software
SolarWinds has fixed eight critical vulnerabilities in its Access Rights Manager software, six of which allowed attackers to gain remote code execution on vulnerable devices.
Access Rights Manager is a critical tool in enterprise environments that helps admins manage and audit access rights across their organization's IT infrastructure to minimize threat impact.
SolarWinds patched the flaws in Access Rights Manager 2024.3, released on Wednesday with bug and security fixes.
In February, the company patched five other RCE vulnerabilities in the Access Rights Manager solution, three of which were rated critical because they allowed unauthenticated exploitation.
In April 2021, the U.S. government formally accused the Russian Foreign Intelligence Service of orchestrating the 2020 Solarwinds attack, and the U.S. Securities and Exchange Commission charged SolarWinds in October 2023 for failing to notify investors of cybersecurity defense issues before the hack.
VMware fixes critical vCenter RCE vulnerability, patch now.