Five remote code execution (RCE) vulnerabilities, including three critical severity holes, have been addressed by SolarWinds in its Access Rights Manager (ARM) solution. Three vulnerabilities stand out among the five due to their ability to execute remote code without authentication. These vulnerabilities seriously threaten the integrity and security of enterprise systems and are tracked as CVE-2024-23476, CVE-2024-23477 and CVE-2024-23479. A vulnerability management tool will fix such issues.
The capacity of attackers to remotely run code on systems they have targeted can have extremely harmful effects. Potential threats may include:
- Install malware or ransomware.
- Steal confidential information.
- Interrupt vital business processes.
- Launch attacks on networks that are connected.
Vulnerabilities Details
While the two vulnerabilities below require authentication, they allow an authorized user to misuse a SolarWinds ARM solution, which could lead to remote code execution.
CVE-2023-40057 (Severity: 9.0 Critical) – SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability
CVE-2024-23478 (Severity: 8.0 High) – SolarWinds Access Rights Manager (ARM) Deserialization of Untrusted Data Remote Code Execution Vulnerability
Additionally, it was identified that three Directory Traversal vulnerabilities that exist in the SolarWinds Access Rights Manager could allow remote code execution. Attackers could certainly use these vulnerabilities to gain complete control of the system, even in the absence of legitimate login credentials.
CVE-2024-23476 (Severity: 9.6 Critical) – SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
CVE-2024-23477 (Severity: 7.9 High) – SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
CVE-2024-23479 (Severity: 9.6 Critical) – SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerability
Affected Product
SolarWinds Access Rights Manager (ARM) 2023.2.2 and also the prior versions
Solution
All five vulnerabilities in SolarWinds Access Rights Manager (ARM) have been fixed in ARM version 2023.2.3 by SolarWinds. All organizations using ARM need to make sure these patches have been implemented as soon as possible. Although there is no proof that these vulnerabilities have been exploited in the wild, quick patching is an essential preventive measure. Organizations must also remain proactive in finding and resolving vulnerabilities within their IT infrastructure as cyber threats grow in sophistication and scale.
SanerNow software deployment capability can therefore be used to deploy fixed version of SolarWinds Access Rights Manager.