Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks

Microsoft has revealed a security vulnerability in SolarWinds Serv-U software, which was being exploited by threat actors leveraging the existing Log4j flaws. Labelled as CVE-2021-35247, the issue affects Serv-U versions 15.2.5 and earlier. SolarWinds stated that there wasn’t any downstream effect from the vulnerability, but did not clarify if the detected attacks were successful.