Intrusion Prevention

SolarWinds.DameWare.Mini.Remote.Control.Remote.Code.Execution

Description

This indicates an attack attempt to exploit an Unauthenticated Remote Code Execution Vulnerability in SolarWinds DameWare Mini Remote Control.
A remote, unauthenticated attacker could exploit this vulnerability by sending a specially crafted message to the target system on port 6129. Successful exploitation allows the attack to upload arbitrary files and achieve remote code execution on the vulnerable system.

Affected Products

SolarWinds DameWare Mini Remote Control prior to 12.0.x Hot Fix 1 or 12.1 Hot Fix 3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-3980-Dameware-vulnerability

CVE References

CVE-2019-3980