Optus's TrustWave finds more SolarWinds bugs
Optus’s security division, Trustwave, says it has discovered additional severe vulnerabilities in SolarWinds Orion, the network monitoring platform that was recently compromised and used in a series of suspected state-sponsored cyber attacks.
The two critical bugs in the SolarWinds Orion platform, as well as one severe vulnerability in the SolarWinds Serv-U FTP for Windows, do not appear to have been exploited in the recent attacks or any attacks in the wild.
But the most critical vulnerability has the potential to be exploited to trigger remote code execution, according to TrustWave Security Research Manager Martin Rakhmanov.
Combined, all three exploits could allow an attacker “full remote code execution, access to credentials for recovery, and the ability to read, write to or delete any file on the system”, he said in a blog post.
Rakhmanov said SolarWinds has been informed of the vulnerabilities and issued a patch, which affected companies should install as soon as possible. TrustWave is holding off on publishing proof-of-concept code for the vulnerabilities until next week to give users more time to patch their systems.
“Having direct proof-of-concept code helps information security professionals better understand these issues as well as develop protections to prevent exploitation,” he said.
TrustWave is the global security arm of Optus, parent company Singtel and NCS.
DigiCert acquires Valimail to boost email security
DigiCert has acquired DMARC provider Valimail in a bid to enhance its email authentication...
Akamai adds secure browser to ZTNA portfolio
Akamai has partnered with Seraphic to incorporate secure enterprise browser capabilities into its...
Rubrik announces CrowdStrike Falcon integration
Rubrik has announced the integration of its Rubrik Identity Resilience solution with the...