SolarWinds Patches Critical Web Help Desk Vulnerability (CVE-2024-28986)
CVSS Score 9.8, CISA Warns of Active Exploitation
Patch Now to Mitigate Risk
SolarWinds has released a hotfix to address CVE-2024-28986, a critical remote code execution (RCE) vulnerability in its Web Help Desk (WHD) product. The Cybersecurity and Infrastructure Security Agency (CISA) has warned that this vulnerability is being actively exploited in the wild, and is urging organizations to patch their systems immediately.
The vulnerability exists in the "Ticket Attachment" feature of WHD, and it allows attackers to execute arbitrary code on vulnerable systems. This could allow attackers to take control of affected systems, access sensitive data, or launch further attacks.
Affected Versions
The following versions of SolarWinds Web Help Desk are affected by this vulnerability:
- 12.4.0
- 12.4.1
- 12.5.0
- 12.5.1
Mitigation
SolarWinds has released a hotfix for this vulnerability. All affected organizations are urged to apply the hotfix as soon as possible. The hotfix can be downloaded from the SolarWinds website:
https://www.solarwinds.com/securitycenter/security-advisories/swa20240703Additional Security Measures
In addition to applying the hotfix, organizations are also recommended to implement the following additional security measures:
- Disable the "Ticket Attachment" feature if it is not needed.
- Enable web application firewall (WAF) rules to block malicious requests.
- Monitor system logs for suspicious activity and investigate any anomalies promptly.
Conclusion
This critical vulnerability poses a significant risk to organizations using SolarWinds Web Help Desk. It is essential that organizations apply the hotfix immediately, implement additional security measures, and monitor their systems closely for any suspicious activity. By taking these steps, organizations can mitigate the risk of a successful attack.
Comments