CVE-2021-35211

Name of the Vulnerable Software and Affected Versions SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows versions prior to 15.2.3 HF2

Description A remote code execution vulnerability in the SolarWinds Serv-U product allows a threat actor to gain privileged access to the machine hosting Serv-U. The vulnerability is related to a Remote Memory Escape Vulnerability and can be exploited by sending a crafted request to the SSH server. The issue is associated with the lack of address space layout randomization (ASLR) protection in the Serv-U binary files.

Recommendations For versions prior to 15.2.3 HF2, update to version 15.2.3 HF2 or later to resolve the issue. As a temporary workaround, consider restricting access to the SSH server or disabling the vulnerable Serv-U service until a patch is applied. Avoid using the default configuration for SSH servers, as it may be easily exploited.