SolarWinds – New Serv-U Remote Memory Escape Vulnerability

Published: 13/07/2021

Reference:
Advisory #2021-012

Version:
1.0

Affected software:
Serv-U 15.2.3 HF1 and older versions

Type:
Remote Code Execution (RCE)

CVE/CVSS:
CVE-2021-35211

Sources

https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211

Risks

A threat actor who successfully exploits this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system.

Description

A vulnerability has been found in Serv-U version 15.2.3 HF1 and earlier versions. Serv-U is server and application monitoring software published by SolarWinds. The security vulnerability affects the Serv-U Managed File Transfer Server and the Serv-U Secured FTP software components. A threat actor who successfully exploits this vulnerability could run arbitrary code with privileges.

A hotfix has been made available by SolarWinds (15.2.3 HF2) and will be included in all future software updates.

Recommended Actions

The CCB recommends that all system administrators immediately update vulnerable Serv-U instances to the most recent build available (at least 15.2.3 HF2).
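An added example, not part of the original advisory or of SolarWinds material: a Python triage of an inventory of Serv-U version strings against the fixed build named above (15.2.3 HF2). It assumes versions are recorded the way this page writes them ("15.2.3 HF1"); the host names and inventory are constructed, and any string in another format is reported as unknown for manual checking.

```python
import re

# First fixed build named in the advisory: 15.2.3 HF2.
# Later releases are treated as fixed because the advisory states the
# hotfix is included in all future software updates.
FIXED = ((15, 2, 3), 2)

# Assumed format: up to three dotted numbers, optional "HF<n>" suffix,
# optional leading "Serv-U". Anything else is rejected, not guessed at.
_VERSION_RE = re.compile(
    r"^\s*(?:Serv-U\s+)?(\d+(?:\.\d+){0,2})\s*(?:(?:HF|Hotfix)\s*(\d+))?\s*$",
    re.IGNORECASE,
)

def parse_version(text):
    """Parse '15.2.3 HF1' into ((15, 2, 3), 1); no hotfix counts as 0."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    numbers = tuple(int(p) for p in m.group(1).split("."))
    numbers += (0,) * (3 - len(numbers))  # '15.2' compares as '15.2.0'
    hotfix = int(m.group(2)) if m.group(2) else 0
    return numbers, hotfix

def triage(inventory):
    """Map each host to 'affected', 'fixed' or 'unknown' (manual check)."""
    result = {}
    for host, version in inventory.items():
        try:
            status = "affected" if parse_version(version) < FIXED else "fixed"
        except ValueError:
            status = "unknown"
        result[host] = status
    return result

# Constructed sample inventory (host names and versions are illustrative).
SAMPLE_INVENTORY = {
    "ftp-01.example.internal": "15.2.3 HF1",
    "ftp-02.example.internal": "15.2.3 HF2",
    "ftp-03.example.internal": "Serv-U 15.2.3",
    "ftp-04.example.internal": "15.2.4",
    "ftp-05.example.internal": "15.2.3.999",  # other format: manual check
    "ftp-06.example.internal": "15.1.7 Hotfix 3",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status:9} {host}  ({SAMPLE_INVENTORY[host]})")
```

Hosts reported as unknown should be checked by hand rather than assumed patched.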

References

https://therecord.media/microsoft-discovers-a-solarwinds-zero-day-exploited-in-the-wild/