SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.
Credits
Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative
