SolarWinds “Advanced Monitoring Agent” prior to 10.8.9
Insufficient Permissions/ Privilege Escalation
- 18.05.2020 Vendor informed
- 20.05.2020 Vendor verified the vulnerability and informed HanseSecure, that the Vulnerability was patched in Version 10.8.9
- 03.06.2020 Disclosure
The Advanced Monitoring Agent through 10.8.8 was run by every user login (remote or local). The corresponding executable is writeable by all users on the system. A malicious user could replace this file with any other one to execute abitary commands in the context of every user who logs in.