SolarWinds released Orion Platform version 2020.2.5 to fix several issues, the most severe of which is a critical remote code execution (RCE) vulnerability. The flaw, an RCE via Actions and JSON Deserialization, can be exploited by an authenticated attacker; it was reported through Trend Micro's Zero Day Initiative (ZDI).
“A remote code execution vulnerability has been found via the test alert actions. An Orion authenticated user is required to exploit this.” reads the advisory.
The vendor did not disclose technical details of the vulnerability to avoid its exploitation in the wild.
The company also addressed a second RCE, rated high severity, that could be exploited by an attacker who knows the credentials of an unprivileged local account on the Orion Server.
“The vulnerability can be used to achieve authenticated RCE as Administrator. In order to exploit this, an attacker first needs to know the credentials of an unprivileged local account on the Orion Server.” states the advisory.
The flaw was reported through Trend Micro's ZDI by the security researcher Harrison Neal.
The latest version also addresses a Reverse Tabnabbing and Open Redirect issue and a Stored XSS in Customize View, tracked as CVE-2021-3109 and CVE-2020-35856 and rated medium and high severity, respectively.
“A stored XSS vulnerability was found in the add custom tab within the customize view page by a security researcher. This vulnerability requires an Orion administrator account to exploit.” states the advisory.
(SecurityAffairs – hacking, SolarWinds)