Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products. The most severe of the vulnerabilities could have been exploited to achieve remote code execution with elevated privileges. None of the three vulnerabilities are believed to have been exploited in any “in the wild” attacks or during the unprecedented supply chain attack targeting the Orion Platform that came to light last December. The latest versions of Orion Platform and Serv-U FTP (15.2.2 Hotfix 1) to mitigate the risks associated with the flaws.
Source: https://thehackernews.com/2021/02/3-new-severe-security-vulnerabilities.html