Threat Advisories

Active Exploitation of SolarWinds Serv-U Flaw for Accessing Private Data

June 22, 2024

Summary:

Threat actors are actively exploiting a critical path-traversal vulnerability, CVE-2024-28995, in SolarWinds Serv-U. By leveraging publicly available proof-of-concept (PoC) exploits, attackers can successfully exploit this vulnerability, allowing unauthenticated access to read sensitive files on the target server.

Threat Level – Red | Vulnerability Report

×

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Fickle Stealer’s Dynamic Attack Strategies

Phoenix UEFI Firmware Flaw Exposes Multiple Intel CPUs to Risk