August 28, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
North Korean ScarCruft Distributes RokRAT Malware by Using Windows Zero-Day Exploit – Active IOCs
October 16, 2024
MassLogger Malware – Active IOCs
October 17, 2024
North Korean ScarCruft Distributes RokRAT Malware by Using Windows Zero-Day Exploit – Active IOCs
October 16, 2024
MassLogger Malware – Active IOCs
October 17, 2024
Severity
High
Analysis Summary
CVE-2024-45715 CVSS:7.1
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements.
CVE-2024-45710 CVSS:7.8
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine.
Impact
- Cross-Site Scripting
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-45715
- CVE-2024-45710
Affected Vendors
SolarWinds
Affected Products
- SolarWinds Platform 2024.2.1 and previous versions
Remediation
Upgrade to the latest version of SolarWinds Products, available from the SolarWinds Website.