Following last year's SolarWinds hack, a security researcher at Trustwave SpiderLabs decided to take a closer look at the company's software to see if he could find additional vulnerabilities. In a new blog post, Trustwave security research manager Martin Rakhmanov revealed that he found three serious bugs in two SolarWinds products. Fortunately, none of these vulnerabilities were exploited in recent SolarWinds or natural attacks, but one of the three recently discovered bugs could be exploited to execute remote code with elevated privileges. Rakhmanov began his research by looking at other SolarWinds products based on his Orion framework. He installed the company's User Device Tracker software and was asked to set up Microsoft Message Queue (MSMQ), which has been around for more than two decades and is no longer installed by default on modern Windows systems. After looking at the huge list of private queues, Rakhmanov discovered that these queues are not authenticated, which means that unauthenticated users can send messages to them over TCP port 1801. From there, he checked how well SolarWinds protects credentials. for your backend database. It was then that Rakhmanov discovered that he could crack the passwords stored in the company's database using readily available software. By using these passwords, someone can steal information or even add a new administrator level user on SolarWinds Orion products.