Optus's TrustWave finds more SolarWinds bugs
Optus’s security division, Trustwave, says it has discovered additional severe vulnerabilities in SolarWinds Orion, the network monitoring platform that was recently compromised and used in a series of suspected state-sponsored cyber attacks.
The two critical bugs in the SolarWinds Orion platform, as well as one severe vulnerability in the SolarWinds Serv-U FTP for Windows, do not appear to have been exploited in the recent attacks or any attacks in the wild.
But the most critical vulnerability has the potential to be exploited to trigger remote code execution, according to TrustWave Security Research Manager Martin Rakhmanov.
Combined, all three exploits could allow an attacker “full remote code execution, access to credentials for recovery, and the ability to read, write to or delete any file on the system”, he said in a blog post.
Rakhmanov said SolarWinds has been informed of the vulnerabilities and issued a patch, which affected companies should install as soon as possible. TrustWave is holding off on publishing proof-of-concept code for the vulnerabilities until next week to give users more time to patch their systems.
“Having direct proof-of-concept code helps information security professionals better understand these issues as well as develop protections to prevent exploitation,” he said.
TrustWave is the global security arm of Optus, parent company Singtel and NCS.
Commvault arranges to buy Appranix
Cyber resilience provider Commvault plans to leverage its acquisition of Appranix to help...
Fujitsu establishes security consulting division
Fujitsu's new digital security consulting division will help organisations prepare for and...
Unstoppable Domains joins GlobalBlock initiative
Web3 domain name service provider Unstoppable Domains has joined the GlobalBlock initiative to...
