SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability 

(CVE-2023-35181)

Summary

The SolarWinds Access Rights Manager was susceptible to Privilege
Escalation Vulnerability. This vulnerability allows users to abuse
incorrect folder permission resulting in Privilege Escalation.

Affected Products

  • SolarWinds ARM 2023.2.0.73 and prior versions

Fixed Software Release

Acknowledgments

  • Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative


Advisory Details

Severity

7.8 High

Advisory ID

First Published

10/18/2023

Last Published

10/18/2023