SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
17 September 2024
SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution.
The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an instance of deserialization of untrusted data.
"SolarWinds Access Rights