News

SolarWinds Releases Patch for Actively Attacked Vulnerability in Serv-U Software

By admin
Spread the love

SolarWinds has released an update for a zero day in the Serv-U software. The actively attacked vulnerability made it possible to perform remote code execution in the file sharing software.

The company writes in an update advice that it has implemented a patch in the most recent version of Serv-U. According to SolarWinds, there was a vulnerability in version 15.2.3 HF1 from May this year, and all other versions. The company does not provide details about the vulnerability. The bug is known as CVE-2021-35211, but there’s no details about it in Miter’s National Vulnerability Database either. SolarWinds wants to wait until customers have “had enough time to upgrade.” In the meantime, the company is calling on customers to install the patch through the customer portal.

The vulnerability was discovered by Microsoft security researchers. According to the discoverers, systems belonging to “a targeted group of customers” were attacked by a single attacker. The nature of that attack is unknown. The vulnerability is only in the Serv-U Managed File Transfer Server and Serv-U Secured FTP, but not in its MSP software or in enterprise packages like Orion.

The latter software is where the company ran into problems at the end of last year. Then attackers broke into the company and sent spy malware via an infected update. It is not known whether the current attacks are related to those from December.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

EU Council determines position on security requirements for digital products

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses