Security News > 2024 > September > SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
2024-09-17 04:34
SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution. The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an instance of deserialization of untrusted data. "SolarWinds Access Rights
News URL
https://thehackernews.com/2024/09/solarwinds-issues-patch-for-critical.html
Related news
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- SolarWinds fixes critical RCE bug affecting all Web Help Desk versions (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-12 | CVE-2024-28991 | Unspecified vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. | 8.8 |