CISA warns critical SolarWinds RCE bug is exploited in attacks
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support. [...]
Remote code execution lets attackers run commands on a target system, enabling full compromise; patch exposed software and restrict privileges.
Search across headline titles and summaries.
Background for this topic.
Remote code execution (RCE) is the ability of an attacker to make a system run attacker-chosen code from a remote position, usually by exploiting a flaw in a network-facing application, service, protocol, or the processing of untrusted content. Unlike simple unauthorized access, successful RCE can run with the privileges of the affected process, enabling actions such as accessing data, changing configuration, disrupting a service, establishing persistence, or moving to other systems. Exploitability depends on factors including network reachability, authentication requirements, configuration, and whether execution is constrained.
Defenders should prioritize exposed RCE vulnerabilities in vulnerability management: inventory reachable assets, apply fixes or vendor mitigations, and restrict access or disable vulnerable functionality where patching is not immediately possible. Least privilege and service isolation limit the damage if exploitation succeeds. Secure input handling, safe deserialization, and avoiding unnecessary shell invocation reduce common attack paths. Monitoring for unusual process creation and outbound connections can support detection; suspected exploitation warrants prompt investigation, preservation of relevant logs, credential rotation where appropriate, and checks for persistence.
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support. [...]
The vulnerability was given a high-severity CVSS score, indicating that customers should act swiftly to mitigate the flaw.
SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances
SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk
Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6 enabled. [...]
Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6 enabled. [...]
A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today. [...]
CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103