Software company SolarWinds released a security advisory summary on July 9th that says Microsoft notified them of a previously unknown security vulnerability related to Serv-U Manager File Transfer Server and Serv-U Secured FTP. Microsoft’s research says the exploit “involves a limited, targeted set of customers and a single threat actor.” SolarWinds says that they do not have an estimate of how many customers may be directly affected by the vulnerability nor are they aware of the identities of the potentially affected customers.
If the remote code execution (RCE) vulnerability is exploited, a threat actor can run arbitrary code with privileges to make changes such as install programs; view, change or delete data; and or run programs on the affected system. SolarWinds notes that the new vulnerability is NOT related to the SUNBURST supply chain attack. The advisory stated that “additional details of the vulnerability will be published after giving customers sufficient time to upgrade for the protection of their environments.”