SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution.
The vulnerability, tracked as CVE-2024-28991, is rated 9.0 out of a maximum of 10.0 on the CVSS scoring system. It has been described as an instance of deserialization of untrusted data.
“SolarWinds Access Rights
You may have missed
November 22, 2024