SolarWinds Releases Critical Security Updates for Access Rights Manager


SolarWinds has released security updates addressing five remote code execution (RCE) vulnerabilities in Access Rights Manager (ARM).

Path traversal vulnerabilities, CVE-2024-23476 and CVE-2024-23479, are both rated as critical with a CVSSv3 score of 9.6. An unauthenticated attacker could exploit these vulnerabilities, which could lead to RCE.

Read more…
Source: NHS Digital