CVE-2025-40538
SolarWinds · Serv-U
A broken access control vulnerability in Serv-U allows domain or group administrators to escalate privileges, create system admin users, and execute arbitrary code as a privileged account.
Executive summary
A critical privilege escalation vulnerability in SolarWinds Serv-U allows authenticated administrative users to gain full system-level control and execute arbitrary native code.
Vulnerability
This issue is a broken access control flaw: an actor holding only domain or group administrator privileges can bypass the intended restrictions and create a system administrator account. With that account, the attacker can execute arbitrary code with the privileges of the account under which the Serv-U service runs.
Business impact
The compromise of a file transfer server can lead to the exposure of sensitive corporate data and lateral movement within the network. While the CVSS score is 9.1, the risk on Windows may be mitigated if the service runs under a low-privileged account; however, the potential for full system takeover remains a critical concern.
Remediation
Immediate Action: Apply the latest security updates provided by SolarWinds to correct the access control logic within the Serv-U management interface.
Proactive Monitoring: Audit Serv-U logs for the creation of new system administrator accounts or unauthorized changes to group/domain administrative settings.
Compensating Controls: Ensure the Serv-U service is running under a dedicated, least-privileged service account rather than "LocalSystem" to limit the impact of code execution.
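The compensating control above depends on knowing which Windows account the Serv-U service actually runs under. The following PowerShell script is an added example, not code from SolarWinds or from this advisory: it enumerates services whose name matches a pattern, reports the run-as account, and flags the built-in high-privilege identities (LocalSystem and the SYSTEM, LocalService and NetworkService accounts) as well as any dedicated account that is a member of the local Administrators group. The service name pattern "*Serv-U*" is an assumption; adjust it if the service is registered under a different name on your host.

```powershell
# Added example (not SolarWinds' or the advisory's own code).
# Reports which account each matching service runs under and flags privileged identities.
# Assumption: the Serv-U Windows service name or display name contains "Serv-U".
$NamePattern = '*Serv-U*'

# Built-in identities that give the service more privilege than a dedicated account should have.
$HighPrivilegeAccounts = @(
    'LocalSystem',
    'NT AUTHORITY\SYSTEM',
    'NT AUTHORITY\LocalService',
    'NT AUTHORITY\NetworkService'
)

# Membership of the local Administrators group, used to catch a "dedicated" account
# that is nonetheless a local admin. Enumeration may fail on older hosts; degrade gracefully.
$localAdmins = @()
try {
    $localAdmins = @((Get-LocalGroupMember -Group 'Administrators' -ErrorAction Stop).Name)
} catch {
    Write-Warning "Could not enumerate local Administrators: $_"
}

$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.Name -like $NamePattern -or $_.DisplayName -like $NamePattern }

if (-not $services) {
    Write-Warning "No service matching '$NamePattern' found; verify the service name on this host."
    return
}

foreach ($svc in $services) {
    # Win32_Service reports local accounts as ".\name"; normalise to "COMPUTER\name"
    # so it can be compared with Get-LocalGroupMember output.
    $account      = $svc.StartName -replace '^\.\\', "$env:COMPUTERNAME\"
    $isBuiltInHi  = $HighPrivilegeAccounts -contains $svc.StartName
    $isLocalAdmin = $localAdmins -contains $account

    $finding = if ($isBuiltInHi) {
        'HIGH: runs as a built-in privileged account; move to a dedicated least-privilege account'
    } elseif ($isLocalAdmin) {
        'HIGH: dedicated account is a member of local Administrators; remove that membership'
    } else {
        'OK: dedicated non-administrative account'
    }

    [PSCustomObject]@{
        Name        = $svc.Name
        DisplayName = $svc.DisplayName
        State       = $svc.State
        RunsAs      = $svc.StartName
        BinaryPath  = $svc.PathName
        Finding     = $finding
    }
}
```

Run the script in an elevated PowerShell session on each Serv-U host; a "HIGH" finding means the code-execution impact described above would be system-level rather than confined to a service account, and the service should be reconfigured to run under a dedicated, least-privileged account before relying on this as a compensating control.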
Exploitation status
Public Exploit Available: false
Analyst recommendation
The severity of this flaw necessitates immediate patching, especially in environments where administrative duties are delegated across multiple users. Administrators should verify service account permissions and update Serv-U to the latest version to prevent unauthorized privilege escalation.