Rapid7

vulnerability

SolarWinds Access Rights Manager: CVE-2023-35181: Incorrect Default Permissions Local Privilege Escalation Vulnerability

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Oct 18, 2023
Added
Apr 9, 2025
Modified
Apr 13, 2026

Description

The SolarWinds Access Rights Manager was susceptible to PrivilegeEscalation Vulnerability. This vulnerability allows users to abuseincorrect folder permission resulting in Privilege Escalation.

Solution

solarwinds-access-rights-manager-upgrade-latest

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report