SolarWinds has published multiple advisories detailing seven high-severity vulnerabilities, with a patch expected by the end of February. Five of the security defects allow for deserialization of untrusted data that could lead to command execution by remote attackers with admin-level account access to the SolarWinds Web Console. The remaining two vulnerabilities affect Server & Application Monitor 2022.4 and SolarWinds Platform, with patches available in Hybrid Cloud Observability 2023.1 and SolarWinds Platform 2023.1, respectively.
