CVE-2024-23477

CVSS 3.1 Score 9.6 of 10 (high)

Details

Published Feb 15, 2024
Updated: Feb 20, 2024
CWE ID 22

Summary

CVE-2024-23477 is a newly discovered vulnerability affecting SolarWinds Access Rights Manager (ARM). It is a directory traversal flaw (CWE-22) that leads to remote code execution: an unauthenticated user can exploit it to execute arbitrary code on the targeted system. By manipulating file paths, an attacker can bypass ARM's access control, leading to unauthorized execution of commands and potential data breaches. Because exploitation requires no authentication, the vulnerability poses a significant risk: attackers can more easily gain unauthorized access and cause damage.

Affected Products

  • SolarWinds Access Rights Manager

Affected Vendors

  • SolarWinds Inc.