.webp)
A critical vulnerability reported under active exploitation has been added to CISA’s known exploited vulnerabilities catalog. This vulnerability is categorized as CVE-2024-28986 (CVSSv3.1: 9.8) and affects SolarWinds Web Help Desk. It is defined as a Java Deserialization Remote Code Execution which if exploited would allow an attacker to run commands on the host machine.
Impact
SolarWinds Web Help Desk 12.8.3 and all previous versions are affected.
This vulnerability is defined as requiring no authentication, but SolarWinds has reported that they have done thorough testing and could not reproduce the bug without authentication. They are still urging Web Help Desk customers to apply the now-available patch as reported in the advisory on 8/9/2024.
This vulnerability has a high CVSS score, there are reports of active exploitation, and it allows for remote code execution. It would have a high impact if exploited and presents an elevated risk due to reports of active exploitation in the wild.
Remediation
Upgrading to SolarWinds Web Help Desk 12.8.3 HF 1 will remediate this vulnerability. Review the documentation for Web Help Desk to ensure a proper upgrade.
Recommendations
Patch: We advise you to follow the steps listed in the update documentation linked above and update SolarWinds Web Help Desk to the latest version.
Review documentation: Ensure you are reviewing and following the steps outlined in vendor documentation regarding vulnerability remediation, application upgrades, and mitigations.
Assess scope and plan: Use vulnerability scanning tools to assess the scope of this vulnerability throughout your environment and get all associated parties together to create a plan to patch the associated software.
Associated Bulletins
SolarWinds Trust Center Security Advisories | CVE-2024-28986
.jpg)
