# CVE-2024-28991

> SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.

- **CVSS:** 9 (CRITICAL)
- **EPSS:** 30.9%
- **CWE:** CWE-502, NVD-CWE-noinfo

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-28991
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp