Rewterz Threat Advisory – Multiple Apple macOS Ventura Vulnerabilities
July 31, 2023Rewterz Threat Alert – Bitter APT Group – Active IOCs
July 31, 2023Rewterz Threat Advisory – Multiple Apple macOS Ventura Vulnerabilities
July 31, 2023Rewterz Threat Alert – Bitter APT Group – Active IOCs
July 31, 2023Severity
High
Analysis Summary
CVE-2023-33225 CVSS:6.8
SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an unsafe deserialization flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands with SYSTEM privileges on the system.
CVE-2023-33224 CVSS:7.2
SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incorrect behavior order flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands with NETWORK SERVICE privileges on the system.
CVE-2023-23844 CVSS:7.2
SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incomplete list of disallowed inputs flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-23843 CVSS:7.2
SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an incorrect comparison flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-23842 CVSS:6.8
SolarWinds Network Configuration Manager could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially crafted URL request containing “dot dot” sequences (/../) to execute arbitrary commands on the system.
Impact
- Command Execution
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-33225
- CVE-2023-33224
- CVE-2023-23844
- CVE-2023-23843
- CVE-2023-23842
Affected Vendors
SolarWinds
Affected Products
- SolarWinds SolarWinds Platform 2023.2.1
- SolarWinds Network Configuration Manager 2023.2.1
Remediation
Upgrade to the latest version of SolarWinds Platform and Network Configuration Manager, available from the SolarWinds Web site.