SolarWinds issues fixes to fix a remote code execution flaw in its Serv-U managed file transfer service. The Texas-based company became the epicenter of a massive supply chain attack late last year. The company says it’s “unaware of the identity of the potentially affected customers” The threat actor behind the exploitation remains unknown as yet, and it isn’t clear exactly how the attack was carried out. The vulnerability is “completely unrelated to the SUNBURST supply chain” attack, the company says.
Source: https://thehackernews.com/2021/07/a-new-critical-solarwinds-zero-day.html