CVE-2021-35211: SolarWinds Serv-U Remote Code Execution Vulnerability.

SolarWinds Serv-U Remote Code Execution Vulnerability. SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution.

• CISA KEV-listed (remediation due 2021-11-17)
• used in ransomware campaigns
• EPSS 94.3% (100.0% percentile)

Detection rules

• Serv-U Exploitation CVE-2021-35211 by DEV-0322 critical

Related briefings

• TA505 Pivots from Phishing to CVE-2021-35211 SolarWinds Serv-U Exploitation: Cobalt Strike Delivery and RegIdleBackup COM Handler Hijacking for FlawedGrace RAT Persistence 2026-02-16

Browse the CVE database

Read the full analysis on IntelFusions