Web: https://www.cisecurity.org/advisory/a-vulnerability-in-solarwinds-serv-u-could-allow-for-remote-code-execution_2021-086

Jan. 7, 2022, 10:38 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center cisecurity.org

A vulnerability has been discovered in SolarWinds Serv-U, which could result in remote code execution. SolarWinds Serv-U is an FTP server software for secure file transfer. Successful exploitation of this vulnerability could allow for remote code execution within the context of a privileged process. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer …

code code execution remote remote code execution serv-u solarwinds vulnerability

More from cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Head of Information Security

@ Canny | Remote

Information Technology Specialist (INFOSEC)

@ U.S. Securities & Exchange Commission | Washington, D.C.

Information Security Manager - $90K-$180K - MANAG002176

@ Sound Transit | Seattle, WA

Sr. Software Security Architect

@ SAS | Remote

Senior Incident Responder

@ CipherTechs, Inc. | Remote

Data Security DevOps Engineer Senior/Intermediate

@ University of Michigan - ITS | Ann Arbor, MI