Vulnerability details:
The vulnerability is due to a boundary error, more precisely the improper restriction of operations within the bounds of a memory buffer.
Versions affected:
The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions.
Impact:
If this vulnerability is successfully exploited, threat actors can run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system.
Exploitation:
The vulnerability is being actively exploited in the wild, and according to Microsoft, a limited, targeted group of users has been hit so far.
Mitigation:
Patches are not available yet to address this vulnerability, but a hotfix (Serv-U 15.2.3 HF2) has been released by SolarWinds. All customers using Serv-U should install this fix immediately to protect their environment. SolarWinds customers with active maintenance for Serv-U can log in to their Customer Portal and access the fix. If you are not on active maintenance and are currently using the product, open a customer service ticket with the subject "Serv-U Assistance" and the SolarWinds team will assist you.
In Vulnerability Manager Plus, you can find this vulnerability under the Zero-day vulnerabilities tab.
For more details, refer to SolarWinds' security advisory.
Cheers,