13 July 2021

SolarWinds fixes a zero-day vulnerability exploited in the wild


SolarWinds fixes a zero-day vulnerability exploited in the wild

SolarWinds, the US software vendor that was a target of a massive supply chain attack last December, has released a security update to address a zero-day vulnerability actively exploited by hackers in real-world attacks.

The zero-day bug (CVE-2021-35211) is a remote code execution vulnerability affecting the SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP solutions. The vulnerability exists due to a boundary error. A remote attacker can send a specially crafted request to the Serv-U server, trigger memory corruption and execute arbitrary code on the target system.

The issue impacts Serv-U 15.2.3 HF1 and all prior Serv-U versions, the vendor said.

According to SolarWind’s advisory, the flaw was discovered and reported to the company by researchers at Microsoft. The company said the attacks exploiting CVE-2021-35211 affected only a small subset of its customers.

Neither SolarWinds, nor Microsoft did not share when these attacks started, or who was behind them.


Back to the list

Latest Posts

Malicious actors target Kubernetes clusters via Argo Workflows

Malicious actors target Kubernetes clusters via Argo Workflows

In the observed attacks the threat actors deployed a popular cryptocurrency mining container, kannix/monero-miner.
26 July 2021
Kaseya obtains a decryptor for victims of the REvil ransomware attack

Kaseya obtains a decryptor for victims of the REvil ransomware attack

It's not clear, if the company paid any ransom.
23 July 2021
Chinese cyber-spies use hacked routers in attacks against French organizations

Chinese cyber-spies use hacked routers in attacks against French organizations

The hackers are hijacking home routers to build a proxy botnet in order to hide the origins of their attacks.
22 July 2021