CVE-2024-23479: 
SolarWinds Access Rights Manager vulnerability analysis and mitigation

SolarWinds Access Rights Manager (ARM) was identified with a Directory Traversal Remote Code Execution Vulnerability (CVE-2024-23479). The vulnerability was discovered in December 2023 and publicly disclosed on February 15, 2024. This critical security flaw affects SolarWinds Access Rights Manager (ARM) version 2023.2.2 and prior versions (SolarWinds Advisory).

The vulnerability exists within the OpenFileStreamLocal method, stemming from inadequate validation of user-supplied paths during file operations. It has received a Critical CVSS score of 9.6 with the vector string CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. The flaw is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) (ZDI Advisory, NVD).

The vulnerability's exploitation could allow attackers to execute arbitrary code in the context of SYSTEM privileges. This level of access enables threat actors to install malware or ransomware, steal sensitive data, disrupt critical business operations, and launch attacks on connected networks (Security Online).

SolarWinds has released version 2023.2.3 of Access Rights Manager (ARM) which contains fixes for this vulnerability. Organizations using affected versions of ARM are strongly advised to upgrade to the patched version immediately (SolarWinds Advisory).