CVE-2019-8917
CRITICAL
SolarWinds Orion NPM < 12.4 - Unauthenticated RCE via OrionModuleEngine
Title source: llm
Description
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may be abused by an attacker to execute commands as the SYSTEM user.
References (2)
Core References
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid)
http://www.securityfocus.com/bid/107061
Third Party Advisory (x_refsource_misc)
https://github.com/VerSprite/research/blob/master/advisories/VS-2019-001.md
Scores
CVSS v3: 9.8
EPSS: 0.3645
EPSS Percentile: 98.3%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
Status: published
Products (1): solarwinds/orion_network_performance_monitor < 12.4
Published: Feb 18, 2019
Tracked Since: Feb 18, 2026