Originally reported to SolarWinds on October 10th, this flaw known as “Dumpster Diver,” allows attackers to gain domain administrator credentials, essentially granting them control over the entire system. Proof-of-concept code to exploit the vulnerability is available. While SolarWinds pushed out a hotfix quite recently, Vice President of Security for SolarWinds, Tim Brown, stated that as of January 24th, there were no known instances where this exploit was used maliciously. Additionally, a mitigation tool can be used in the event that the hotfix cannot be applied.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.