Solarwinds patches critical RCE flaws in Access Rights Manager
US software development company Solarwinds has sent out important security fixes that close a number of critical vulnerabilities in its Access Rights Manager software.
Six of the vulnerabilities scored 9.6 out of 10 on the Common Vulnerability Scoring Scale (CVSS), which means hackers can attack unprotected systems without having to gain administrator rights to gain remote code execution (RCE) on unpatched systems.
Access Rights Manager enables administrators to manage and audit access rights across their IT infrastructure. Users are advised to update to Version 2024.3 of Access Rights Manager as soon as possible.