Vulnerability in Monitoring Software

CVE

CVE-2020-13912

Vulnerable Software

SolarWinds “Advanced Monitoring Agent” prior to 10.8.9

Vulnerability

Insufficient Permissions / Privilege Escalation

Timeline

  • 18.05.2020 Vendor informed
  • 20.05.2020 Vendor verified the vulnerability and informed HanseSecure that the vulnerability was patched in version 10.8.9
  • 03.06.2020 Disclosure

Description

The Advanced Monitoring Agent through 10.8.8 was executed at every user login (remote or local). The corresponding executable is writable by all users on the system. A malicious user could replace this file with any other one to execute arbitrary commands in the context of every user who logs in.
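As an added defender's check (not part of the advisory or the vendor's code; the agent's install path is not given on the page, so the path argument below is a placeholder), this PowerShell function lists ACEs that grant broad groups write, modify or delete rights on an executable and on its parent directory, which is the condition the description above relies on:

```powershell
# Added example: flag executables that low-privileged principals can modify
# or replace. The agent's install path is not on the page; $Path is assumed.
function Test-WorldWritableExecutable {
    param([Parameter(Mandatory)] [string] $Path)

    # Principals that every interactive user is a member of. An Allow ACE
    # giving one of these write-class rights is the finding.
    $broadPrincipals = @(
        'Everyone',
        'BUILTIN\Users',
        'NT AUTHORITY\Authenticated Users',
        'NT AUTHORITY\INTERACTIVE'
    )

    # Rights that let the holder rewrite the file, or (on the directory)
    # delete/replace the file. WriteData/AppendData are CreateFiles/
    # CreateDirectories when applied to a directory.
    $R = [System.Security.AccessControl.FileSystemRights]
    $writeRights = $R::Write -bor $R::Modify -bor $R::FullControl -bor
                   $R::WriteData -bor $R::AppendData -bor $R::Delete -bor
                   $R::DeleteSubdirectoriesAndFiles

    # Check the binary itself and the directory it lives in.
    $targets = @($Path, (Split-Path -LiteralPath $Path -Parent))
    foreach ($target in $targets) {
        $acl = Get-Acl -LiteralPath $target
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($broadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
            if (($ace.FileSystemRights -band $writeRights) -ne 0) {
                [pscustomobject]@{
                    Target    = $target
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                    Inherited = $ace.IsInherited
                }
            }
        }
    }
}

# Usage: placeholder path; run it against the agent binary and anything else
# that executes at logon (Run keys, logon scripts, scheduled tasks, services).
Test-WorldWritableExecutable -Path 'C:\Program Files\<AgentDir>\<agent>.exe' |
    Format-Table -AutoSize
```

An empty result means no broad principal holds write-class rights on the file or its directory; any row is a candidate for the same replace-the-binary scenario the advisory describes and should be fixed by restricting the ACL to administrators and SYSTEM.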

References: