CVE-2023-35185: 
SolarWinds Access Rights Manager vulnerability analysis and mitigation

The SolarWinds Access Rights Manager (ARM) was found to contain a Directory Traversal Remote Code Execution vulnerability (CVE-2023-35185) that allows attackers to execute arbitrary code with SYSTEM privileges. The vulnerability was discovered in ARM version 2023.2.0.73 and earlier versions, and was fixed in version 2023.2.1 released on October 18, 2023 (SolarWinds Advisory).

The vulnerability exists within the OpenFile method of the SolarWinds ARM application. The specific flaw stems from the lack of proper validation of user-supplied paths prior to using them in file operations. This directory traversal vulnerability allows attackers to execute code in the context of SYSTEM privileges. The vulnerability has been assigned a CVSS v3.1 base score of 6.8 (Medium) by SolarWinds, though other sources like ZDI have rated it at 9.8 (ZDI Advisory).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code with SYSTEM privileges, which provides the highest level of access on Windows systems. This level of access could potentially allow an attacker unrestricted control over affected installations (SOCRadar).

SolarWinds has released version 2023.2.1 of Access Rights Manager which contains fixes for this vulnerability. Organizations are strongly advised to upgrade to this version. SolarWinds has stated they are not aware of any evidence that this vulnerability has been exploited in the wild (SolarWinds Release Notes).