SolarWinds Access Rights Manager: One Vulnerability to LPE Them All

This blog post reviews multiple security flaws in SolarWinds Access Rights Manager (ARM), focusing on pre-auth arbitrary file deletion vulnerabilities that can lead to local privilege escalation on domain-joined Windows hosts; the author also found pre-auth RCEs via .NET Remoting/gRPC, insecure deserialization enabling post-auth RCE, and file read/delete issues. The issues were addressed by SolarWinds in the ARM 2024.3 update.