SolarWinds Discloses Zero-Day Under Active Attack
SolarWinds has issued an advisory over a new vulnerability being actively attacked that is not related to the major supply chain attack discovered in December 2020. The company has since developed a hotfix that addresses the flaw and urges its customers to implement the patch immediately. The vulnerability lies in its Serv-U Managed File Transfer and Serv-U Secured FTP products. One of the vulnerabilities pertains to the latest Serv-U version released in May of this year and all prior versions, according to SolarWinds. This flaw can allow for remote code execution, therefore making it serious in nature. An attacker who is able to successfully exploit the flaw could run arbitrary code with privileges, install programs, view, change, and delete data.
SolarWinds was allegedly alerted to the flaw from Microsoft, which reported that attackers were already using it. Microsoft provided evidence of limited and targeted customer impact, according to SolarWinds. The company did not provide an estimate as to how many customers could be directly affected by the vulnerability. It also stated that it was unclear which customers may have already been potentially affected by the active exploits. The flaw does not affect any other SolarWinds or N-able products, reported SolarWinds.