The SolarWinds Access Right Manager (ARM) product revealed various vulnerabilities, notably pre-auth Arbitrary File Deletion issues that could lead to local privilege escalation on domain-joined Windows systems.
Pre-auth RCE vulnerabilities were discovered in ARM, allowing unauthenticated attackers to access critical functionalities and execute commands via .NET Remoting, highlighting significant security concerns.
The identified vulnerabilities in SolarWinds ARM include authentication bypass, insecure deserialization, and potential for command execution, making it a critical target for security initiatives.
These vulnerabilities were addressed by SolarWinds through updates, reflecting the importance of vendor responses in mitigating risks associated with software vulnerabilities.
Collection
[
|
...
]