Critical Vulnerability in SolarWinds Network Configuration Manager

The French Computer Emergency Response Team (CERT-FR) has issued an alert regarding a severe security vulnerability discovered in SolarWinds Network Configuration Manager. This flaw, identified as CVE-2023-40054, poses a significant risk of remote arbitrary code execution.

The affected versions are those preceding SolarWinds Network Configuration Manager 2023.4.1. The vulnerability could potentially allow an attacker to execute arbitrary code remotely, emphasizing the need for immediate action.

Users are strongly urged to refer to SolarWinds’ security bulletin dated November 1, 2023, for detailed information and to obtain the necessary patches. The provided solution aims to address the issue and enhance the security of the affected systems.

The French CERT-FR emphasizes the critical nature of prompt patching to safeguard against potential exploitation. Organizations and users relying on SolarWinds Network Configuration Manager should take immediate action to mitigate the risks associated with this vulnerability.