SolarWinds SEM Deserialization of Untrusted Data Remote Code Execution Vulnerability
(CVE-2024-0692)
Summary
The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse SolarWinds' service, resulting in remote code execution.
Affected Products
- SolarWinds SEM 2023.4 and prior versions
Fixed Software Release
Acknowledgments
- Anonymous working with Trend Micro Zero Day Initiative
Advisory Details
Severity
8.8 High
Advisory ID
First Published
03/01/2024
Last Published
03/01/2024