VYPR
Unrated severityCISA KEVNVD Advisory· Published Jul 14, 2021· Updated Oct 21, 2025

Serv-U Remote Memory Escape Vulnerability

CVE-2021-35211

Description

Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Rhinosoft/Serv Ullm-fuzzy
    Range: <15.2.3 HF2
  • SolarWinds/Serv-U Managed File Transfer Server and Serv-U Secured FTPv5
    Range: SolarWinds Serv-U

Patches

Vulnerability mechanics

References

2

News mentions

2