"SolarWinds Patches Zero-Day Exploited in the Wild (CVE-2021-35211)"

SolarWinds has released an emergency patch for CVE-2021-35211, an RCE vulnerability affecting its Serv-U Managed File Transfer and Serv-U Secure FTP currently being exploited in the wild. Microsoft has provided evidence of limited, targeted customer impact. However, SolarWinds does not currently have an estimate of how many customers may be directly affected by the vulnerability. CVE-2021-35211 was unearthed in the SolarWinds Serv-U product by Microsoft’s Threat Intelligence Center (MSTIC) and Microsoft Offensive Security Research teams. SolarWinds stated they will be publishing additional details about the vulnerability once its customers have had enough time to implement the fix. In the meantime, the researchers noted that the vulnerability affects Serv-U 15.2.3 HF1 and all prior Serv-U versions but does not exist if SSH is enabled for a Serv-U installation. The vulnerability allows attackers to perform remote code execution and to install programs. Attackers can also view, change or delete data, or run programs on the affected system. The researchers also stated that this is not related to the SUNBURST supply chain attack

 

Help Net Security reports: "SolarWinds Patches Zero-Day Exploited in the Wild (CVE-2021-35211)"

Submitted by Anonymous on