SolarWinds Arbitrary Command Execution and Privilege Escalation Critical Vulnerabilities (CVE-2022-36963 and CVE-2022-47505)
Dark Lab on Apr 25 2023
Share:
On 18 April 2023 the SolarWinds Platform released their latest update including fixes for 4) vulnerabilities, 2 of which are flagged as high severity. The exploitation of the high severity flaws could enable an attacker to execute arbitrary commands and escalate local privileges.
Given SolarWinds’ vast utilisation by multiple industries and previous mass exploitation of SolarWinds vulnerabilities by malicious actors, we recommend organisations to apply the latest update to mitigate against potential exploitation.
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505
Given SolarWinds’ vast utilisation by multiple industries and previous mass exploitation of SolarWinds vulnerabilities by malicious actors, we recommend organisations to apply the latest update to mitigate against potential exploitation.
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-36963
https://www.solarwinds.com/trust-center/security-advisories/cve-2022-47505