Lucene search
Hive ProHIVEPRO:CFFBC7E8786DCD48596ACB491F713B13HistoryJul 13, 2021 - 12:50 p.m.
Threat Actors are actively exploiting a SolarWinds Zero-Day Vulnerability
2021-07-1312:50:52
Hive Pro
www.hivepro.com
22
threat actors
exploited vulnerability
solarwinds
serv-u managed file transfer
serv-u secure ftp
patch.
EPSS
0.951
Percentile
99.4%
THREAT LEVEL: Amber.
For a detailed advisory, download the pdf file here.
A zero-day vulnerability (CVE-2021-35211) that impacts the Serv-U Managed File Transfer and Serv-U Secure FTP, is been exploited by multiple threat actors. The PoC of this exploited vulnerability was given to SolarWinds by Microsoft. SolarWinds has released a patch for the same.
Vulnerability Details
Indicator of Compromise
| Type | Value |
|---|---|
| IP Address | 98.176.196.89 |
| 68.235.178.32 | |
| 208.113.35.58 |
Patch Link
<https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211>
References
<https://thehackernews.com/2021/07/a-new-critical-solarwinds-zero-day.html>
Related
rapid7blog
rapid7blog
SolarWinds Serv-U FTP and Managed File Transfer CVE-2021-35211: What You Need to Know
2021-07-12 22:39:41
What's New in InsightVM: Q3 2021 in Review
2021-10-08 13:30:00
thn
thn
A New Critical SolarWinds Zero-Day Vulnerability Under Active Attack
2021-07-13 03:58:00
Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks
2021-07-14 03:41:00
cve
cve
CVE-2021-35211
2021-07-14 21:15:08
cisa
cisa
SolarWinds Releases Advisory for Serv-U Vulnerability
2021-07-13 00:00:00
checkpoint_advisories
checkpoint_advisories
SolarWinds Serv-U Remote Code Execution (CVE-2021-35211)
2021-12-05 00:00:00
cisa_kev
cisa_kev
SolarWinds Serv-U Remote Code Execution Vulnerability
2021-11-03 00:00:00
prion
prion
Remote code execution
2021-07-14 21:15:00
cvelist
cvelist
CVE-2021-35211 Serv-U Remote Memory Escape Vulnerability
2021-07-14 20:55:25
nvd
nvd
CVE-2021-35211
2021-07-14 21:15:08
mssecure
mssecure
Microsoft discovers threat actor targeting SolarWinds Serv-U software with 0-day exploit
2021-07-13 22:30:17
A deep-dive into the SolarWinds Serv-U SSH vulnerability
2021-09-02 16:00:56
mmpc
mmpc
A deep-dive into the SolarWinds Serv-U SSH vulnerability
2021-09-02 16:00:56
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Solarwinds Serv-U
2022-01-14 05:52:17
nessus
nessus
Serv-U FTP Server <= 15.2.3 Hotfix 1 Memory Escape Vulnerability
2021-07-15 00:00:00
malwarebytes
malwarebytes
A week in security (Nov 8 – Nov 14)
2021-11-15 10:14:02
threatpost
threatpost
SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack
2021-07-13 12:58:11
attackerkb
attackerkb
CVE-2021-35211
2021-07-13 00:00:00
avleonov
avleonov
qualysblog
qualysblog
Qualys Response to CISA Alert: Binding Operational Directive 22-01
2021-11-09 06:15:01
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00