SolarWinds Serv-U Fileserver being Exploited

  • CERT Admin
  • Tue Jul 13 2021
  • Alerts

Components Affected 

Systems running Serv-U 15.2.3 HF1 and prior, Including 

● Serv-U Managed File Transfer Server 

● Serv-U Secured FTP 

Threat Level 

High

Overview 

An attacker could leverage this vulnerability to gain access to the server running Serv-U and gain access to other devices in the same network.  

Description 

A successful exploit of this vulnerability allows an attacker to run arbitrary codes with privileges and then allow the attacker to install programs, view, change, or delete data on the affected system.  

Impact 

● Executing unwanted applications 

● Manipulation of the data 

Solution/ Workarounds 

● Update the Serv-U version to 5.2.3 HF2 immediately 

● Disable the Serv-U until applying the patch (Note- This may impact existing business functions and should be implemented after proper assessment)  

Reference 

● https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211 

● https://www.cert.govt.nz/it-specialists/advisories/vulnerability-in-solarwinds-serv-u-fileserver-being-exploited/ 

Disclaimer 

The information provided herein is on an "as is" basis, without warranty of any kind. 

   

Last updated: Tue Jul 13 2021