SolarWinds fixes Serv-U bug exploited for Log4j attacks



SolarWinds has patched a Serv-U vulnerability discovered by Microsoft that threat actors actively used to propagate Log4j attacks to internal devices on a network.

Microsoft says they discovered the vulnerability during their monitoring of the Log4j attacks.

The bug is an input validation vulnerability discovered by Microsoft security researcher Jonathan Bar Or that allows an attacker to create a query and send it unsanitized over the network.

“During our sustained monitoring of threats taking advantage of the Log4j 2 vulnerabilities, we observed activity related to attacks being propagated via a previously undisclosed vulnerability in the SolarWinds Serv-U software,” Microsoft explains in an update to its Log4j advisory.

“We discovered that the vulnerability, now tracked as CVE-2021-35247, is an input validation vulnerability that could allow attackers to build a query given some input and send that query over the network without sanitation.”

Yesterday, SolarWinds issued an advisory for CVE-2021-35247 and released Serv-U 15.3 to fix the vulnerability.

“The Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized,” reads SolarWinds' advisory.

“SolarWinds has updated the input mechanism to perform additional validation and sanitization.”
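
What validation and sanitization of a login field that feeds an LDAP query can look like, as an added example that is not SolarWinds' code and not from the advisory. The `uid` attribute, the filter template, the allow-list and the function names are assumptions made for illustration.

```python
import re

# Assumption: login names are limited to this allow-list; adjust to local policy.
_ALLOWED = re.compile(r"[A-Za-z0-9._@-]{1,64}")

# RFC 4515 section 3: characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape LDAP filter metacharacters so the value stays a literal."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(username: str) -> str:
    """'Before' form: the login field is pasted into the query as-is."""
    return f"(uid={username})"


def build_filter(username: str) -> str:
    """Hardened form: validate first, then escape, then build the query."""
    if not _ALLOWED.fullmatch(username):
        raise ValueError("username contains characters outside the allow-list")
    return f"(uid={escape_filter_value(username)})"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real traffic.
    for sample in ["j.doe", "a)(b", "${x}"]:
        try:
            print(repr(sample), "->", build_filter(sample))
        except ValueError as exc:
            print(repr(sample), "-> rejected:", exc)
```

Escaping alone keeps the query structure intact; the allow-list additionally stops unexpected strings from reaching the directory server or any component that logs them.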

However, SolarWinds states that no downstream effect has been detected “as the LDAP servers ignored improper characters,” contradicting Microsoft’s report.

At this point, it is unclear if the threat actors attempted to use the vulnerability but failed or if Log4j attacks were successfully propagated as indicated by Microsoft.

Threat actors have previously abused Serv-U vulnerabilities to perform Conti ransomware attacks and other undisclosed attacks.

BleepingComputer has reached out to Microsoft and SolarWinds with further questions but has not heard back at this time.
