Voyager18 (research)

SolarWinds exposed again: Take action now

SolarWinds is in the news again, with a slew of vulnerabilities affecting its ARM product. Here's what you need to know.

Orani Amroussi | February 25, 2024

SolarWinds, known for the significant security breach of its Orion platform in 2020, has recently addressed five vulnerabilities in its Access Rights Manager (ARM) solution. This proactive measure aims to secure the platform against similar threats and safeguard user data across various agencies and corporations.

Here’s what you need to know about the latest SolarWinds vulnerabilities:

What are the SolarWinds vulnerabilities?

Five RCE vulnerabilities, including three critical ones, in SolarWinds’ Access Rights Manager have been patched after discovery by Trend Micro’s Zero Day Initiative. These flaws could potentially allow unauthorized remote code execution in software integral for managing user permissions across various services. 

The critical vulnerabilities CVE-2024-23476 and CVE-2024-23479, highlighted in a SolarWinds advisory, pose a significant risk of unauthenticated remote code execution, while another, CVE-2023-40057, could be exploited by authenticated users. Two other vulnerabilities were deemed “high” severity.

Do they affect me?

Many organizations utilize SolarWinds Access Rights Manager (ARM) for overseeing and auditing permissions throughout their IT networks, ensuring secure and efficient access management.

The vulnerabilities affect SolarWinds ARM versions 2023.2 and earlier. Check which version of ARM each of your instances is running to confirm you are not exposed.



Have the SolarWinds vulnerabilities been actively exploited in the wild?

There is currently no mention of them being exploited by attackers. 

Fixing the SolarWinds vulnerabilities

In its advisory, SolarWinds recommends updating instances of ARM to version 2023.2.3, which fixes the vulnerabilities.  
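
To apply the affected range ("2023.2 and earlier") and the fixed release (2023.2.3) across many hosts, the following added example (not SolarWinds or Vulcan code) triages a software inventory export. The CSV layout, host names and status labels are assumptions made for illustration; builds that fall between 2023.2 and 2023.2.3 are not named in the text above, so they are reported separately as still below the fixed release.

```python
import csv
import io
import re

# Version facts taken from the article text.
AFFECTED_THROUGH = (2023, 2)  # "versions 2023.2 and earlier"
FIXED_IN = (2023, 2, 3)       # "updating instances of ARM to version 2023.2.3"

# Constructed sample inventory: host names and column layout are hypothetical.
SAMPLE_INVENTORY = """host,product,version
fs-01,SolarWinds Access Rights Manager,2023.2
dc-02,SolarWinds Access Rights Manager,2022.4.1
app-03,SolarWinds Access Rights Manager,2023.2.3
app-04,SolarWinds Access Rights Manager,2023.2.1
app-05,SolarWinds Access Rights Manager,v2023.2.3.1234
app-06,SolarWinds Access Rights Manager,unknown
web-07,Some Other Product,1.0
"""

def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not dotted-numeric."""
    match = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip(), re.IGNORECASE)
    return tuple(int(p) for p in match.group(1).split(".")) if match else None

def _pad(version, width):
    """Right-pad with zeros so 2023.2 compares equal to 2023.2.0."""
    return version + (0,) * (width - len(version))

def classify(version_text):
    version = parse_version(version_text)
    if version is None:
        return "unknown"  # cannot be shown to be fixed: verify by hand
    width = max(len(version), len(FIXED_IN))
    if _pad(version, width) >= _pad(FIXED_IN, width):
        return "fixed"
    if _pad(version, width) <= _pad(AFFECTED_THROUGH, width):
        return "affected"  # inside the range the article names
    return "below-fixed"   # newer than 2023.2 but older than the fixed release

def triage(inventory_csv, product="Access Rights Manager"):
    """Map each host running the product to its status."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if product.lower() in row["product"].lower():
            results[row["host"]] = classify(row["version"])
    return results

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Anything not reported as "fixed" should be queued for the update, and "unknown" entries need a manual version check on the host.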




Next steps 

Each new vulnerability is a reminder of where we stand and what we need to do better. Check out the following resources to help you maintain cyber hygiene and stay ahead of the threat actors: 

  1. 2023 Vulnerability watch reports 
  2. The MITRE ATT&CK framework: Getting started
  3. The true impact of exploitable vulnerabilities for 2024
  4. Multi-cloud security challenges – a best practice guide
  5. How to properly tackle zero-day threats
