SolarWinds Orion NPM | SYSTEM Remote Code Execution Vulnerability SolarWinds Orion NPM | SYSTEM Remote Code Execution Vulnerability

Home  |  Research  |  Resources  |  Advisories  |  SolarWinds Orion NPM

SolarWinds Orion NPM

Remote Code Execution

CVE ID

CVE-2019-8917

VENDOR

SolarWinds

PRODUCT

SolarWinds Orion NPM

Product version

12.3.5200.0

Vulnerability Details

SolarWinds Orion NPM suffers from a SYSTEM remote code execution vulnerability in the "OrionModuleEngine" service. This service establishes an NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The "InvokeActionMethod" method may be abused by an attacker to execute commands as the SYSTEM user.

Learn More →

Vendor response

Thanks to SolarWinds' prompt response, a fix is available in the 12.4 release.

Disclosure timeline

10-01-2018 - Disclosed to Vendor
10-02-2018 - Response from Vendor
10-08-2018 - Coordination of Patch and Disclosure with Vendor
12-04-2018 - Verified patch in 12.4 release

Domain Spoofing and Phishing Attacks 2

Domain Spoofing and Phishing Attacks

Blog Post

Domain Spoofing and Phishing Attacks

Security Awareness Training

PCI DDS 4.0

PCI DSS 4.0: What You Need to Know and What You Need to Do

Blog Post

PCI DSS 4.0: What You Need to Know and What You Need to Do

payments industry

Artificial Intelligence

AI and Cybersecurity: Threats and Opportunities

Blog Post

AI and Cybersecurity: Threats and Opportunities

ChatGPT

    Back to Advisory Main         Visit Resource Library    

Offensive Minded Security Exploit Development

Learn More

arrow right

We are an international squad of professionals working as one.

logos

Copyright 2021 VerSprite - All Rights Reserved