SolarWinds Platform Update Patches High-Severity Vulnerabilities

Two major vulnerabilities recently patched in SolarWinds Platform could facilitate command execution and privilege escalation. The severest (scored 8.8 on CVSS) was a command injection bug that could allow remote execution of arbitrary commands if the attacker had SolarWinds Platform admin account credentials. The second issue, scored at 7.8, could enable local privilege escalation. Both issues were reported by Trend Micro Zero Day Initiative researchers and resolved in SolarWinds Platform version 2023.2.