Optus's TrustWave finds more SolarWinds bugs
Optus’s security division, Trustwave, says it has discovered additional severe vulnerabilities in SolarWinds Orion, the network monitoring platform that was recently compromised and used in a series of suspected state-sponsored cyber attacks.
The two critical bugs in the SolarWinds Orion platform, as well as one severe vulnerability in the SolarWinds Serv-U FTP for Windows, do not appear to have been exploited in the recent attacks or any attacks in the wild.
But the most critical vulnerability has the potential to be exploited to trigger remote code execution, according to TrustWave Security Research Manager Martin Rakhmanov.
Combined, all three exploits could allow an attacker “full remote code execution, access to credentials for recovery, and the ability to read, write to or delete any file on the system”, he said in a blog post.
Rakhmanov said SolarWinds has been informed of the vulnerabilities and issued a patch, which affected companies should install as soon as possible. TrustWave is holding off on publishing proof-of-concept code for the vulnerabilities until next week to give users more time to patch their systems.
“Having direct proof-of-concept code helps information security professionals better understand these issues as well as develop protections to prevent exploitation,” he said.
TrustWave is the global security arm of Optus, parent company Singtel and NCS.
A report from CrowdStrike has revealed that e-crime attacks made up 79% of all intrusions in...
Using multi-factor authentication to strengthen proof-of-identity protections can prevent...
The BlackBerry 2021 Annual Threat Report has outlined a rise in cyber threats facing vulnerable...