CVE-2023-40057: 
SolarWinds Access Rights Manager vulnerability analysis and mitigation

The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability, identified as CVE-2023-40057. This critical vulnerability, discovered by anonymous researchers working with Trend Micro Zero Day Initiative (ZDI), affects ARM version 2023.2.2 and prior versions. The vulnerability allows an authenticated user to abuse a SolarWinds service, potentially resulting in remote code execution (SolarWinds Advisory, NVD).

The vulnerability exists within the JsonSerializationHelper class and stems from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. It has been assigned a CVSS score of 9.0 (Critical) with the vector string CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H. The vulnerability is classified under CWE-502 (Deserialization of Untrusted Data) (ZDI Advisory, NVD).

If successfully exploited, an attacker can leverage this vulnerability to execute code in the context of SYSTEM. This level of access could allow attackers to install malware, steal sensitive data, disrupt critical business operations, and potentially launch attacks on connected networks (ZDI Advisory, GBHackers).

SolarWinds has released version 2023.2.3 of Access Rights Manager to address this vulnerability. Organizations using ARM are strongly urged to upgrade to this latest version to prevent potential exploitation (SolarWinds Advisory).