New Code Execution Flaws In Solarwinds Orion Platform
Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that can be exploited for remote code execution attacks.
The patches were pushed out Thursday as part of a minor security makeover of the Orion Platform, the same compromised Solarwinds product that was exploited in recent nation-state software supply chain attacks.
The latest Orion Platform 2020.2.5 addresses at least four security flaws, one rated “critical” because of the risk of remote code execution attacks. The company did not release technical details of the vulnerability, which does not yet have a CVE assigned.
Solarwinds described that flaw simply as “RCE via Actions and JSON Deserialization.” The company warned that the critical bug was found via the test alert actions and noted that an Orion authenticated user is required to successfully launch an exploit.
A second bug, rated “high-risk,” also brings remote code execution risk, Solarwinds warned. “The vulnerability can be used to achieve authenticated RCE as Administrator. In order to exploit this, an attacker first needs to know the credentials of an unprivileged local account on the Orion Server.”
The update also includes fixes for a “high-risk” stored-XSS vulnerability and a medium-severity issue that could lead to reverse-tabnabbing and open redirect attacks.