Severity
High
Analysis Summary
CVE-2021-35234 CVSS:8
SolarWinds Orion is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to multiple functions, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVE-2021-35218 CVSS:8.9
SolarWinds Orion Platform could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw in the Chart Endpoint. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-35217 CVSS:8.9
SolarWinds Patch Manager could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the insecure deserialization of untrusted data in the Orion Platform Integration module. By triggering deserialization of untrusted data through WSAsyncExecuteTasks, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-35216 CVSS:8.9
SolarWinds Patch Manager could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-35215 CVSS:8.9
SolarWinds Orion Platform could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2021-35213 CVSS:8.8
SolarWinds Orion Platform could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an improper access control in the User Setting. By sending a specially-crafted request, an attacker could exploit this vulnerability to elevate privileges.
CVE-2021-35212 CVSS:8.9
SolarWinds Orion Platform is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to perform read/write over the Orion database content including the Orion certificate for any authenticated user.
CVE-2021-27258 CVSS:9.8
SolarWinds Orion Platform could allow a remote attacker to gain elevated privileges on the system, caused by improper restriction of the SaveUserSetting endpoint. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2020-27871 CVSS:7.2
SolarWinds Network Performance Monitor could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request to the VulnerabilitySettings.aspx script containing "dot dot" sequences (/../) to execute arbitrary code in the context of SYSTEM.
CVE-2020-27870 CVSS:7.5
SolarWinds Network Performance Monitor could allow a remote attacker to traverse directories on the system, caused by improper validation of user requests. An attacker could send a specially-crafted URL request to the ExportToPDF.aspx script containing "dot dot" sequences (/../) to view arbitrary files in the context of SYSTEM.
CVE-2020-27869 CVSS:8.8
SolarWinds Network Performance Monitor could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the WriteToFile method. By sending specially-crafted SQL queries, an authenticated attacker could exploit this vulnerability to gain elevated privileges and reset the password for the Admin user.
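For CVE-2020-27871 and CVE-2020-27870, defenders can hunt web server logs for requests to the two named scripts that carry "dot dot" segments, including encoded forms. The following is an added example, not part of the original advisory or any SolarWinds tooling; the log layout, the `/app/` path and the `f` parameter are constructed placeholders.

```python
import re
from urllib.parse import unquote

# Script names from the advisory; compared in lower case (IIS paths are case-insensitive).
WATCHED_SCRIPTS = ("vulnerabilitysettings.aspx", "exporttopdf.aspx")
# A ".." path segment bounded by / or \ (or a query delimiter on the left).
DOTDOT = re.compile(r"(^|[\\/=&?])\.\.([\\/]|$)")

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input (%252e) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious(request_target):
    """True if the target names a watched script and contains a dot-dot segment."""
    decoded = fully_decode(request_target)
    if not any(name in decoded.lower() for name in WATCHED_SCRIPTS):
        return False
    return bool(DOTDOT.search(decoded))

def scan(lines):
    """Return (client_ip, request_target) for each suspicious line. Assumed layout
    (constructed): '<date> <time> <client-ip> <method> <request-target> <status>'."""
    hits = []
    for line in lines:
        fields = line.split()
        if line.startswith("#") or len(fields) < 6:
            continue
        if is_suspicious(fields[4]):
            hits.append((fields[2], fields[4]))
    return hits

# Constructed sample lines; addresses, paths and parameter names are placeholders.
SAMPLE_LOG = [
    "2023-03-13 10:00:01 192.0.2.10 GET /app/ExportToPDF.aspx?f=report.html 200",
    "2023-03-13 10:00:05 192.0.2.44 GET /app/ExportToPDF.aspx?f=../../placeholder.txt 200",
    "2023-03-13 10:00:09 192.0.2.44 GET /app/exporttopdf.aspx?f=%252e%252e%255cplaceholder.txt 200",
    "2023-03-13 10:00:12 192.0.2.45 POST /app/VulnerabilitySettings.aspx?f=..%2f..%2fplaceholder 500",
    "2023-03-13 10:00:20 192.0.2.10 GET /app/Other.aspx?f=../x 200",
    "2023-03-13 10:00:25 192.0.2.10 GET /app/ExportToPDF.aspx?f=v1..2/report 200",
]

if __name__ == "__main__":
    for ip, target in scan(SAMPLE_LOG):
        print(ip, target)
```

A hit is a lead for triage rather than proof of exploitation, and values sent in a request body do not appear in this kind of log.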
Impact
- Code Execution
- Privilege Escalation
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2021-35234
- CVE-2021-35218
- CVE-2021-35217
- CVE-2021-35216
- CVE-2021-35215
- CVE-2021-35213
- CVE-2021-35212
- CVE-2021-27258
- CVE-2020-27871
- CVE-2020-27870
- CVE-2020-27869
Affected Vendors
SolarWinds
Affected Products
- SolarWinds Orion Platform 2018.4
- SolarWinds Orion Platform 2019.4
- SolarWinds Orion Platform 2020.2.1
- SolarWinds Orion Platform 2019.2
- SolarWinds Orion Platform 2018.2
- SolarWinds Network Performance Monitor
- SolarWinds Orion 2020.2.6 HF2
- SolarWinds Orion Platform 2020.2.5
- SolarWinds Patch Manager 2020.2.5
- SolarWinds Orion Platform 2020.2.4
Remediation
Refer to the SolarWinds website for patch, upgrade, or suggested workaround information.