CVE-2021-27277 vulnerability in SolarWinds Products
Published on April 22, 2021
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OneTimeJobSchedulerEventsService WCF service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-11955.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2021-27277 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2021-27277
stack.watch emails you whenever new vulnerabilities are published in SolarWinds Orion Virtual Infrastructure Monitor or SolarWinds Orion Platform. Just hit a watch button to start following.
Affected Versions
SolarWinds Orion Virtual Infrastructure Monitor Version 2020.2 is affected by CVE-2021-27277Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.