Rewterz Threat Alert – LokiBot Malware – IOCs
March 30, 2021Rewterz Threat Advisory – Multiple VMware Security Vulnerabilities
March 31, 2021Rewterz Threat Alert – LokiBot Malware – IOCs
March 30, 2021Rewterz Threat Advisory – Multiple VMware Security Vulnerabilities
March 31, 2021Severity
High
Analysis Summary
CVE-2021-27277
SolarWinds Orion Virtual Infrastructure Monitor could allow a local authenticated attacker to gain elevated privileges on the system, caused by a deserialization of untrusted data flaw in the OneTimeJobSchedulerEventsService WCF service. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
Impact
Privilege escalation
Affected Vendors
SolarWinds
Affected Products
SolarWinds Orion Virtual Infrastructure Monitor 2020.2.4
Remediation
Upgrade to the latest version of Orion Virtual Infrastructure Monitor (2020.2.5 or later).