all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1444: SolarWinds Orion Platform UpdateAction Exposed Dangerous Method Remote Code Execution Vulnerability

Add to bookmarks
Sept. 19, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability.

arbitrary code attackers authentication code code execution exploit exposed orion platform remote code remote code execution solarwinds solarwinds orion vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-23-1455: Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 4 days ago | www.zerodayinitiative.com
attackers disclosure exploit file +14
ZDI-23-1454: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability 5 days ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1453: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability 5 days ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +13
ZDI-23-1452: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability 5 days ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +13
ZDI-23-1450: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability 5 days ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1451: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability 5 days ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1449: (0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability 5 days ago | www.zerodayinitiative.com
0day amp assistant attacker +20
ZDI-23-1446: Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability 1 week ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +14
ZDI-23-1447: Microsoft Exchange ExFileLog Deserialization of Untrusted Data Denial-of-Service Vulnerability 1 week ago | www.zerodayinitiative.com
attackers authentication data deserialization +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City
View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU
View on infosec-jobs.com

Cyber Hunt Subject Matter Expert (SME) - Hybrid

@ XOR Security | Alexandria, VA
View on infosec-jobs.com

Software Compliance, Safety and Security Manager (w/m/d)

@ Bosch Group | Stuttgart, Germany
View on infosec-jobs.com

Chef de projet - Service PKI

@ Alter Solutions | Paris, France
View on infosec-jobs.com
View more jobs