Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.
Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.
Search across headline titles and summaries.
Background for this topic.
A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.
Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.
SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.
Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges. [...]
More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. [...]
In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.
SANS offers cyber security pros a valuable toolkit of resources to mitigate the potentially serious cybersecurity risks faced by internal staff Sponsored Post Organisations that fail to adequately address the potential vulnerabilities that internal employees sometimes encounter when developing an IT security strategy are exposing themselves to potentially catastrophic dangers, infosec experts have warned.…
The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days. So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular. Hackers won’t wait for your next scan One-off scans can be a simple ‘one-and-done'
Microsoft has warned organizations using JetBrains TeamCity server to take immediate steps to mitigate this threat
North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft
A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems. [...]
Google says multiple state-backed hacking groups are gaining arbitrary code execution on targets' systems by exploiting a high-severity vulnerability in WinRAR, a compression software with over 500 million users. [...]
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information
In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired objective
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced. [...]
A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account
Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems
Do it now, no ifs or buts, says advisory US authorities have issued an urgent plea to network admins to patch the critical vulnerability in Atlassian Confluence Data Center and Server amid ongoing nation-state exploitation.…
The tech giant has issued guidance to mitigate exploitation of the flaw, which has the highest severity rating
A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal
Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild