New Serv-U bugs extend SolarWinds’ run of high-severity disclosures
Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.
SolarWinds continues to be besieged by security issues, this time in its Serv-U managed file transfer server.
The software company has released four patches for critical Serv-U remote code execution (RCE) vulnerabilities that could allow attackers to gain root (administrator) access to unpatched servers. These four common vulnerabilities and exposures (CVEs) are rated “critical,” the highest severity score.
These should be treated as “high-urgency patch events,” said Ensar Seker, CISO at SOCRadar. “When you are talking about pre-authentication RCE with potential root-level access, you are effectively talking about full system compromise.”
Beyond patching, anyone using Serv-U must go back and check logs to see if they’ve already lost data, advised David Shipley of Beauceron Security.
RCE is “super bad news” for these file transfer tools, he noted, pointing out that MOVEit was one of the largest data breaches in recent years.
“Root access equals game over,” he said. “These kinds of tool are used to move highly sensitive personal identifiable information, financial information, medical information.”
Read the Full Story at CSO Online