CVE-2024-23472
published 2024-07-17CVE-2024-23472: SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read…
PriorityP356high8CVSS 3.1
AVAACLPRLUINSUCHIHAH
EPSS
18.60%
96.9th percentile
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | access_rights_manager | <= 2023.2.4 | — |
| solarwinds | access_rights_manager | previous versions – 2023.2.4 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Checkpoint
22nd July – Threat Intelligence Report
blogs_checkpoint·2024-07-22
CVE-2024-27348 22nd July – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 22nd July – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 22nd July, please download our Threat Intelligence Bulletin .
TOP ATTACKS AND BREACHES
American Bassett Furniture Industries has been a victim of a ransomware attack that resulted in the encryption of data files and the shutdown of its manufacturing facilities. The attack has significantly disrupted the company’s operations, impacting its ability to fulfill orders despite keeping retail stores and its e-commerce
Bleepingcomputer
SolarWinds fixes 8 critical bugs in access rights audit software
blogs_bleepingcomputer·2024-07-18·CVSS 8.3
[HIGH] SolarWinds fixes 8 critical bugs in access rights audit software
## SolarWinds fixes 8 critical bugs in access rights audit software
## Sergiu Gatlan
SolarWinds has fixed eight critical vulnerabilities in its Access Rights Manager (ARM) software, six of which allowed attackers to gain remote code execution (RCE) on vulnerable devices.
Access Rights Manager is a critical tool in enterprise environments that helps admins manage and audit access rights across their organization's IT infrastructure to minimize threat impact.
The RCE vulnerabilities (CVE-2024-23469, CVE-2024-23466, CVE-2024-23467, CVE-2024-28074, CVE-2024-23471, and CVE-2024-23470)—all rated with 9.6/10 severity scores—let attackers without privileges perform actions on unpatched systems by executing code or commands, with or without SYSTEM privileges depending on the exploited flaw.
Th
2024-07-17
Published