High severity8.9NVD Advisory· Published Sep 8, 2021· Updated Jun 17, 2026
CVE-2021-35217
CVE-2021-35217
Description
Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2020.2.5 and previous versions
Patches
Vulnerability mechanics
References
4- documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htmnvdVendor Advisory
- documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htmnvdRelease NotesVendor Advisory
- www.solarwinds.com/trust-center/security-advisories/cve-2021-35217nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-21-1247/nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.