SolarWinds Orion NPM | SYSTEM Remote Code Execution Vulnerability SolarWinds Orion NPM | SYSTEM Remote Code Execution Vulnerability

SolarWinds Orion NPM

Written By: Fabius Watson

SolarWinds Orion NPM suffers from a SYSTEM remote code execution vulnerability in the “OrionModuleEngine” service. This service establishes an NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The “InvokeActionMethod” method may be abused by an attacker to execute commands as the SYSTEM user.

VerSprite's Approach to Security

At VerSprite, we approach security from a holistic risk management perspective, understanding security from business and attacker perspectives.

Our approach goes beyond assessing security controls. We examine credible threats to understand the likelihood of a real-world abuse case and measure the magnitude of business impact if a breach should occur. By developing a holistic business risk view, security decisions become business decisions. Explore Security Offerings →

Receive Security News





We are an international squad of professionals working as one.

logos