CVE-2021-35211 - OpenCVE

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Solarwinds	Serv-u

Configuration 1 [-]

OR	cpe:2.3:a:solarwinds:serv-u::::::::
	cpe:2.3:a:solarwinds:serv-u:15.2.3:-::::::
	cpe:2.3:a:solarwinds:serv-u:15.2.3:hotfix1::::::

No data.

References

Link	Providers
https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit
https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211

History

No history.

MITRE

Status: PUBLISHED

Assigner: SolarWinds

Published: 2021-07-14T20:55:25.167115Z

Updated: 2024-09-16T18:24:37.073Z

Reserved: 2021-06-22T00:00:00

Link: CVE-2021-35211

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-07-14T21:15:08.090

Modified: 2023-08-08T14:22:24.967

Link: CVE-2021-35211

Redhat

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "Serv-U Managed File Transfer Server and Serv-U Secured FTP", "vendor": "SolarWinds", "versions": [{"lessThan": "15.2.3 HF1", "status": "affected", "version": "SolarWinds Serv-U", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "SolarWinds would like to thank the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Offensive Security Research teams for reporting on the issue in a responsible manner."}], "datePublic": "2021-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"description": "Memory Escape Vulnerability in Solarwinds Serv-U", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-14T20:55:25", "orgId": "49f11609-934d-4621-84e6-e02e032104d6", "shortName": "SolarWinds"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211"}, {"tags": ["x_refsource_MISC"], "url": "https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit"}], "solutions": [{"lang": "en", "value": "SolarWinds has released a hotfix 15.2.3 HF2 It is suggested to upgrade to the latest hotfix as soon as possible"}], "source": {"defect": ["CVE-2021-35211"], "discovery": "EXTERNAL"}, "title": "Serv-U Remote Memory Escape Vulnerability", "workarounds": [{"lang": "en", "value": "SolarWinds advises to disconnect Serv-U Server from internet until patched."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@solarwinds.com", "DATE_PUBLIC": "2021-07-13T16:16:00.000Z", "ID": "CVE-2021-35211", "STATE": "PUBLIC", "TITLE": "Serv-U Remote Memory Escape Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Serv-U Managed File Transfer Server and Serv-U Secured FTP", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "SolarWinds Serv-U", "version_value": "15.2.3 HF1"}]}}]}, "vendor_name": "SolarWinds"}]}}, "credit": [{"lang": "eng", "value": "SolarWinds would like to thank the Microsoft Threat Intelligence Center (MSTIC) and Microsoft Offensive Security Research teams for reporting on the issue in a responsible manner."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Memory Escape Vulnerability in Solarwinds Serv-U"}]}]}, "references": {"reference_data": [{"name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211", "refsource": "MISC", "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211"}, {"name": "https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit", "refsource": "MISC", "url": "https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit"}]}, "solution": [{"lang": "en", "value": "SolarWinds has released a hotfix 15.2.3 HF2 It is suggested to upgrade to the latest hotfix as soon as possible"}], "source": {"defect": ["CVE-2021-35211"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "SolarWinds advises to disconnect Serv-U Server from internet until patched."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T00:33:51.183Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit"}]}]}, "cveMetadata": {"assignerOrgId": "49f11609-934d-4621-84e6-e02e032104d6", "assignerShortName": "SolarWinds", "cveId": "CVE-2021-35211", "datePublished": "2021-07-14T20:55:25.167115Z", "dateReserved": "2021-06-22T00:00:00", "dateUpdated": "2024-09-16T18:24:37.073Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"cisaActionDue": "2021-11-17", "cisaExploitAdd": "2021-11-03", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "SolarWinds Serv-U Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*", "matchCriteriaId": "66A68531-7831-4875-B0AB-215C3E5A62B6", "versionEndExcluding": "15.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.2.3:-:*:*:*:*:*:*", "matchCriteriaId": "9E8B32A1-90C1-4901-9B66-FA72E5787450", "vulnerable": true}, {"criteria": "cpe:2.3:a:solarwinds:serv-u:15.2.3:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "92569E9A-911C-4704-A962-047FF5E0E2CF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability."}, {"lang": "es", "value": "Microsoft descubri\u00f3 una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota (RCE) en el producto SolarWinds Serv-U usando una Vulnerabilidad de Escape de Memoria Remota. Si es explotado, un actor de la amenaza puede ser capaz de obtener acceso privilegiado a la m\u00e1quina que aloja Serv-U solamente. SolarWinds Serv-U Managed File Transfer y Serv-U Secure FTP para Windows versiones anteriores a 15.2.3 HF2 est\u00e1n afectados por esta vulnerabilidad"}], "id": "CVE-2021-35211", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "psirt@solarwinds.com", "type": "Secondary"}]}, "published": "2021-07-14T21:15:08.090", "references": [{"source": "psirt@solarwinds.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.microsoft.com/security/blog/2021/07/13/microsoft-discovers-threat-actor-targeting-solarwinds-serv-u-software-with-0-day-exploit"}, {"source": "psirt@solarwinds.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211"}], "sourceIdentifier": "psirt@solarwinds.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}