Severity
High
Analysis Summary
CVE-2024-28990 CVSS:6.3
SolarWinds Access Rights Manager could allow a remote attacker from within the local network to bypass security restrictions, caused by the use of hard-coded credentials. An attacker could exploit this vulnerability to gain access to the RabbitMQ management console.
CVE-2024-28991 CVSS:9
SolarWinds Access Rights Manager (ARM) could allow a remote authenticated attacker from within the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
Impact
- Security Bypass
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-28990
- CVE-2024-28991
Affected Vendors
- SolarWinds
Affected Products
- SolarWinds Access Rights Manager - 2024.3
Remediation
Upgrade to the latest version of Access Rights Manager, available from the SolarWinds website.