{"id":4724,"date":"2025-09-23T09:32:05","date_gmt":"2025-09-23T14:32:05","guid":{"rendered":"https:\/\/cert.pa\/?p=4724"},"modified":"2025-09-23T09:32:06","modified_gmt":"2025-09-23T14:32:06","slug":"csirt-panama-aviso-2025-sep-23-solarwinds-libera-hotfix-para-falla-de-ejecucion-de-codigo-remota","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=4724","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2025-Sep-23 SolarWinds Libera Hotfix para falla de ejecucion de c\u00f3digo remota"},"content":{"rendered":"\n<p>CSIRT Panam\u00e1 Aviso 2025-Sep-23 SolarWinds Libera Hotfix para falla de ejecucion de c\u00f3digo remota<br>Gravedad: Alta<br>Fecha de publicaci\u00f3n: septiembre 23, 2025<br>\u00daltima revisi\u00f3n: septiembre 23, 2025<br>https:\/\/documentation.solarwinds.com\/en\/success_center\/whd\/content\/release_notes\/whd_12-8-7-hotfix-1_release_notes.htm<\/p>\n\n\n\n<p>Sistemas Afectados:<\/p>\n\n\n\n<p>SolarWinds Servidor Orion 2025.1 y versiones anteriores.<br><\/p>\n\n\n\n<p>I. Descripci\u00f3n<br>SolarWinds ha emitido un parche de emergencia para abordar una vulnerabilidad cr\u00edtica (CVE-2025-26399, CVSS 9.8) en su plataforma Orion, que podr\u00eda permitir a un atacante remoto ejecutar c\u00f3digo arbitrario sin autenticaci\u00f3n. Esta vulnerabilidad afecta a versiones espec\u00edficas del software y ya se han detectado intentos de explotaci\u00f3n activa en la naturaleza.<\/p>\n\n\n\n<p>II. Detalle<br>La falla espec\u00edfica existe en el AjaxProxy. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar la deserializaci\u00f3n de datos no confiables. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de &#8220;SYSTEM&#8221;.<\/p>\n\n\n\n<p>Esto puede comprometer la red interna donde est\u00e9 desplegado el servidor Orion.<br>Robar informaci\u00f3n sensible o desplegar ransomware.<\/p>\n\n\n\n<p>III. Referencia a soluciones, herramientas e informaci\u00f3n<br>Aplicar el parche inmediatamente:<\/p>\n\n\n\n<p>Descargar la actualizaci\u00f3n de emergencia desde el portal oficial de SolarWinds:<br>https:\/\/documentation.solarwinds.com\/en\/success_center\/whd\/content\/release_notes\/whd_12-8-7-hotfix-1_release_notes.htm<\/p>\n\n\n\n<p>IV. Informaci\u00f3n de contacto<br>CSIRT PANAMA<br>Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br>E-Mail: incidentes@cert.pa<br>E-Mail: info@cert.pa<br>Phone: +507 520-CERT (2378)<br>Web: https:\/\/cert.pa<br>Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2025-Sep-23 SolarWinds Libera Hotfix para falla de ejecucion de c\u00f3digo remotaGravedad: AltaFecha de publicaci\u00f3n: septiembre 23, 2025\u00daltima revisi\u00f3n: septiembre 23, 2025https:\/\/documentation.solarwinds.com\/en\/success_center\/whd\/content\/release_notes\/whd_12-8-7-hotfix-1_release_notes.htm Sistemas Afectados: SolarWinds Servidor Orion 2025.1 y versiones anteriores. I. Descripci\u00f3nSolarWinds&#8230;<\/p>\n","protected":false},"author":5,"featured_media":4725,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,43,72,133],"class_list":["post-4724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-alertas","tag-avisos-de-seguridad","tag-solar-winds"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/4724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4724"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/4724\/revisions"}],"predecessor-version":[{"id":4726,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/4724\/revisions\/4726"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/4725"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}