Critical RCE flaws found in SolarWinds access audit solution

Critical RCE flaws found in SolarWinds access audit solution

Security researchers found three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product that remote attackers could use to run code with SYSTEM privileges.

SolarWinds ARM is a tool that enables organizations to manage and audit user access rights across their IT environments. It offers Microsoft Active Directory integration, role-based access control, visual feedback, and more.

Through Trend Micro’s Zero Day Initiative (ZDI), researchers reported eight flaws in the SolarWinds solution on June 22, three of them with critical severity.

The vendor addressed all vulnerabilities earlier this week with a patch available in version 2023.2.1 of its Access Rights Manager.

Below is the description and identifier for the three critical remote code execution (RCE):

  • CVE-2023-35182 (9.8 severity): Remote unauthenticated attackers can execute arbitrary code in the context of SYSTEM due to the deserialization of untrusted data in the ‘createGlobalServerChannelInternal’ method
  • CVE-2023-35185 (9.8 severity): Remote unauthenticated attackers can execute arbitrary code in the context of SYSTEM due to a lack of validation of user-supplied paths in the ‘OpenFile’ method
  • CVE-2023-35187 (9.8 severity): Remote unauthenticated attackers can execute arbitrary code in the context of SYSTEM without authentication due to lack of validation of user-supplied paths in the ‘OpenClientUpdateFile’ method

Executing code in the context of “SYSTEM” on Windows computers means that it runs with the highest privileges on the machine.

SYSTEM is an internal account reserved for the operating system and its services. Attackers gaining this level of privileges have full control over all files on the victim machine.

The rest of the security issues that SolarWinds addressed in its Access Right Manager are high-severity and attackers could exploit them to increase permissions or execute arbitrary code on the host after authentication.

SolarWinds published an advisory this week describing the eight vulnerabilities and their severity rating, as assessed by the company.

It is worth noting that the company did not rate any of the security issues as critical and the highest rating is 8.8, for high-severity issues.


Original Source



A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

 To keep up to date follow us on the below channels.