Security researchers have disclosed three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (ARM). Each allows a remote attacker to execute arbitrary code with SYSTEM privileges, the highest level of access on a Windows host, on the server running ARM. SolarWinds ARM is an access-governance tool that organizations use to manage and monitor user access rights across their IT infrastructure; its feature set includes Microsoft Active Directory integration, role-based access control, and visual feedback.

Risk Scoring

The reporting researchers (Trend Micro's Zero Day Initiative) assigned the vulnerabilities the following Common Vulnerability Scoring System (CVSS) v3 base scores:

  • CVE-2023-35182: 9.8
  • CVE-2023-35185: 9.8
  • CVE-2023-35187: 9.8

A base score of 9.8 sits in the Critical band of CVSS v3 (9.0 to 10.0). In practical terms it means each flaw is reachable over the network, requires neither privileges nor user interaction, and yields full compromise of the host's confidentiality, integrity and availability.

Vulnerability Details

On June 22, researchers from Trend Micro's Zero Day Initiative (ZDI) reported eight vulnerabilities in SolarWinds ARM to the vendor. Three of the eight are rated critical; their details follow.

CVE-2023-35182

This vulnerability allows remote, unauthenticated attackers to execute arbitrary code with SYSTEM privileges. The root cause is deserialization of untrusted data in the 'createGlobalServerChannelInternal' method: data received over the network is deserialized without first being validated, so a crafted serialized object can trigger code execution while it is being deserialized, before the application logic ever sees it.
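The bug class is easiest to see in a small, self-contained illustration. The following Python snippet is an added example written for this page; it is not SolarWinds' code, and because ARM is a .NET application Python's pickle stands in for the .NET serializer the advisory refers to. The `Evil` class, the `LEGIT_RECORD` sample, the `unsafe_loads`/`safe_loads` functions and the type allowlist are all constructed for the example.

```python
import datetime
import io
import os
import pickle


# Constructed sample record of the kind a legitimate client might send.
LEGIT_RECORD = {"user": "alice", "created": datetime.datetime(2023, 10, 18)}


def serialize(obj) -> bytes:
    """Serialize an object the way a trusting client would."""
    return pickle.dumps(obj)


def attacker_side_effect() -> str:
    """Stand-in for the payload's action. A real payload would run a command;
    os.getcwd() is used so the demo is harmless to execute."""
    return os.getcwd()


class Evil:
    """Constructed attacker object. __reduce__ instructs the deserializer to
    call os.getcwd() while the object is being loaded, i.e. before the
    application ever sees the result."""

    def __reduce__(self):
        return (os.getcwd, ())


def build_malicious_payload() -> bytes:
    """Bytes an attacker would send to a service that deserializes client input."""
    return pickle.dumps(Evil())


def unsafe_loads(data: bytes):
    """Vulnerable pattern: deserialize whatever arrived on the wire.
    Any callable named in the payload is invoked during loading."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened pattern: resolve only types on an explicit allowlist.
    The analogous control in .NET is a SerializationBinder that rejects
    any type the application does not expect."""

    ALLOWED = {("datetime", "datetime")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden type in payload: {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize with the allowlist enforced."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_rejected(data: bytes) -> bool:
    """True if the hardened loader refuses the payload."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    payload = build_malicious_payload()
    print("unsafe loader ran attacker callable:",
          unsafe_loads(payload) == attacker_side_effect())
    print("hardened loader rejected payload:", is_rejected(payload))
    print("hardened loader round-trips legitimate record:",
          safe_loads(serialize(LEGIT_RECORD)) == LEGIT_RECORD)
```

The point of the allowlist is that it is enforced before any object is constructed: the hostile payload is rejected at the moment the loader encounters a type it does not expect, while ordinary records containing only expected types still round-trip. Validating the object after deserialization is too late, because by then the attacker's code has already run.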

CVE-2023-35185

This vulnerability also enables remote attackers to execute arbitrary code with SYSTEM privileges. Its root cause is missing validation of user-supplied paths in the 'OpenFile' method, a directory traversal flaw: a caller can supply a path that escapes the intended directory and reaches arbitrary files on the server.

CVE-2023-35187

This vulnerability likewise allows remote, unauthenticated attackers to execute arbitrary code with SYSTEM privileges. As with CVE-2023-35185, the root cause is missing validation of user-supplied paths, here in the 'OpenClientUpdateFile' method.
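CVE-2023-35185 and CVE-2023-35187 share one root cause, so one check serves both. The following Python snippet is an added example written for this page, not SolarWinds' code: it shows the unsafe "join and open" pattern next to a check that canonicalises the path and confirms it stays under the server's directory. `BASE_DIR`, `SAMPLE_PATHS` and the function names are constructed for the example; the base directory is a placeholder and need not exist.

```python
import os


def resolve_unsafe(base_dir: str, user_path: str) -> str:
    """Vulnerable pattern: trust the client's path and join it onto the
    server directory. "../" sequences walk out of base_dir, and os.path.join
    discards base_dir entirely when user_path is absolute."""
    return os.path.join(base_dir, user_path)


def resolve_within(base_dir: str, user_path: str) -> str:
    """Hardened pattern: canonicalise the joined path and confirm it is still
    inside base_dir. Raises ValueError on any attempt to escape."""
    if not user_path or "\x00" in user_path:
        raise ValueError("empty path or NUL byte in path")
    # ARM runs on Windows, where '\' is also a separator; normalise it so a
    # backslash-based traversal cannot slip past a check that only knows '/'.
    normalised = user_path.replace("\\", "/")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, normalised))
    # commonpath, not startswith: "/srv/arm/files2" would pass a prefix test.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_within_base(base_dir: str, user_path: str) -> bool:
    """Convenience wrapper: True if resolve_within accepts the path."""
    try:
        resolve_within(base_dir, user_path)
    except ValueError:
        return False
    return True


# Constructed sample: a placeholder server directory and a mix of
# legitimate and hostile client-supplied names.
BASE_DIR = "/srv/arm/files"
SAMPLE_PATHS = [
    "reports/2023-10.csv",             # legitimate
    "reports/../reports/2023-10.csv",  # legitimate after normalisation
    "reports\\2023-10.csv",            # Windows separator, still inside
    "../../etc/passwd",                # classic traversal
    "..\\..\\Windows\\win.ini",        # traversal with backslashes
    "/etc/passwd",                     # absolute path replaces base_dir in join
]


def classify(base_dir: str = BASE_DIR, paths=SAMPLE_PATHS) -> dict:
    """Map each sample path to whether the hardened check accepts it."""
    return {p: is_within_base(base_dir, p) for p in paths}


if __name__ == "__main__":
    for path, ok in classify().items():
        verdict = "ACCEPT" if ok else "REJECT"
        print(f"{verdict:6} {path!r:36} unsafe join -> {resolve_unsafe(BASE_DIR, path)!r}")
```

Two details matter in practice. First, the check is applied to the canonical path (after ".." resolution and symlink resolution), not to the raw string, so stripping "../" substrings or blocklisting patterns is unnecessary and, on its own, insufficient. Second, the comparison uses a path-component check rather than a string prefix, because a sibling directory whose name merely begins with the base path would otherwise pass.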

The remaining five vulnerabilities are not rated critical but still carry high severity: an attacker who already holds valid credentials could use them to escalate privileges or execute arbitrary code post-authentication.

Affected Products

The affected product version is SolarWinds Access Rights Manager 2023.2. Because the fix ships in 2023.2.1, any deployment still on 2023.2 or an earlier release should be treated as unpatched.

Solutions

SolarWinds has addressed all these vulnerabilities in their latest patch, version 2023.2.1 of Access Rights Manager.

Recommendations

Organizations running the affected version of SolarWinds ARM should act immediately: upgrade to the patched release, 2023.2.1, which SolarWinds has already published. Because the three critical flaws are exploitable remotely, and two of them without authentication, an unpatched ARM server reachable from untrusted networks is a high-value target. Until the upgrade is complete, restrict network access to the ARM server to trusted administrative hosts and review its logs for unexpected connections. Delaying the update leaves the organization exposed for no reason.

Ending Note

Notably, SolarWinds itself did not rate any of these vulnerabilities as critical; the highest vendor score was 8.8 (High). The discrepancy changes nothing about the practical risk: the independent CVSS scores, and the fact that the flaws give unauthenticated remote attackers SYSTEM-level code execution, make them critical for anyone running the affected version. Patch without delay.
