CVE-2021-35211
9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SolarWinds | Serv-U Managed File Transfer Server and Serv-U Secured FTP | SolarWinds Serv-U < 15.2.3 HF1 | affected |
Weaknesses
- Memory Escape Vulnerability in Solarwinds Serv-U
Workarounds
SolarWinds advises to disconnect Serv-U Server from internet until patched.
ADP Enrichment
CVE Program Container
Additional References
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211
- https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: no
- Technical Impact: total
Additional References
References
- https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211
- https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.