SolarWinds Access Rights Manager: Attackers with system rights & malicious code
The developers have closed eight critical security vulnerabilities in SolarWinds ARM.
Attackers can exploit several software vulnerabilities in Access Rights Manager (ARM) from SolarWinds and compromise PCs. A version including a security patch is available for download.
Critical security vulnerabilities closed
Admins use ARM to manage access authorizations. In many cases, attackers must be logged in to a system in order to exploit one of the vulnerabilities and execute malicious code (e.g. CVE-2024-23471, "critical"). In other cases, however, this is said to work without authentication as well (CVE-2024-23467, "critical").
Attacks that leave attackers with system rights are also possible without logging in (CVE-2024-23466, "critical"). In both cases, successfully attacked systems are usually considered fully compromised.
How attacks can proceed in detail remains unclear. The vulnerabilities were discovered by Trend Micro's Zero Day Initiative. The developers claim to have closed the gaps in version ARM 2024.3. All previous versions are said to be vulnerable.
List sorted by threat level in descending order:
- CreateFile Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23471)
- UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability (CVE-2024-23470)
- Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23466)
- Traversal Remote Code Execution Vulnerability (CVE-2024-23467)
- Exposed Dangerous Method Remote Code Execution Vulnerability (CVE-2024-23469)
- Internal Deserialization Remote Code Execution Vulnerability (CVE-2024-28074)
- Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability (CVE-2024-23472)
- Traversal and Information Disclosure Vulnerability (CVE-2024-23475)
- ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability (CVE-2024-23465)
- Traversal and Information Disclosure Vulnerability (CVE-2024-28992)
- Traversal and Information Disclosure Vulnerability (CVE-2024-23468)
- DeleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability (CVE-2024-23474)
(des)