Optus's TrustWave finds more SolarWinds bugs
Optus’s security division, Trustwave, says it has discovered additional severe vulnerabilities in SolarWinds Orion, the network monitoring platform that was recently compromised and used in a series of suspected state-sponsored cyber attacks.
The two critical bugs in the SolarWinds Orion platform, as well as one severe vulnerability in the SolarWinds Serv-U FTP for Windows, do not appear to have been exploited in the recent attacks or any attacks in the wild.
But the most critical vulnerability has the potential to be exploited to trigger remote code execution, according to TrustWave Security Research Manager Martin Rakhmanov.
Combined, all three exploits could allow an attacker “full remote code execution, access to credentials for recovery, and the ability to read, write to or delete any file on the system”, he said in a blog post.
Rakhmanov said SolarWinds has been informed of the vulnerabilities and issued a patch, which affected companies should install as soon as possible. TrustWave is holding off on publishing proof-of-concept code for the vulnerabilities until next week to give users more time to patch their systems.
“Having direct proof-of-concept code helps information security professionals better understand these issues as well as develop protections to prevent exploitation,” he said.
TrustWave is the global security arm of Optus, parent company Singtel and NCS.
CrowdStrike to buy Adaptive Shield
CrowdStrike is augmenting its SaaS security capabilities through the acquisition of Israeli-based...
LockBit named nastiest malware of 2024
LockBit, a ransomware malware known to have been used to attack Australian targets, has been...
Extreme Networks launches ZTNA solution
Extreme Networks' new ExtremeCloud Universal ZTNA solution combines cloud network access...
