Critical SolarWinds Serv-U flaws offer root access to servers

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.
The Hacker News

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

SolarWinds fixes four critical CVSS 9.1 vulnerabilities in Serv-U 15.5 that could allow root code execution with administrative privileges.

SolarWinds Serv-U has some critical security flaws, so users should update now

Four critical flaws were addressed, so patch now ...
NBC 10 Philadelphia

SEC sues SolarWinds over massive cyberattack, alleging fraud and weak controls

The suit, filed Monday, also names SolarWinds' chief information security officer Tim Brown, and alleges that the company overstated its cybersecurity practices and understated known vulnerabilities ...