vulnerability

SolarWinds Orion Platform: Authenticated Remote Code Execution (CVE-2020-14005)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:L/Au:S/C:C/I:C/A:C)	Jun 24, 2020	Jan 15, 2021	Jan 18, 2021

Severity

CVSS

(AV:N/AC:L/Au:S/C:C/I:C/A:C)

Published

Jun 24, 2020

Added

Jan 15, 2021

Modified

Jan 18, 2021

Description

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or
NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a
defined event.

The issue results from the lack of proper validation of a user-supplied
string before using it to execute a system call. An attacker can leverage
this vulnerability to execute code in the context of SYSTEM.

Authentication is required to exploit this vulnerability.

Solution

http-solarwinds-orion-platform-upgrade-latest

References

CVE-2020-14005
https://attackerkb.com/topics/CVE-2020-14005
URL-https://gist.github.com/alert3/c9dcce5474e55f408c93c086c30cdbb7
URL-https://www.zerodayinitiative.com/advisories/ZDI-21-063/
URL-https://www.zerodayinitiative.com/advisories/ZDI-21-065/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today