CVE-2024-28986

Name of the Vulnerable Software and Affected Versions SolarWinds Web Help Desk versions prior to 12.8.3 Hotfix 2

Description SolarWinds Web Help Desk is susceptible to a Java deserialization remote code execution issue. Exploitation of this issue could allow a malicious actor to execute arbitrary commands on the host machine. The vulnerability is actively being exploited. While initial reports suggested the vulnerability was unauthenticated, SolarWinds has been unable to reproduce it without authentication after thorough testing. Approximately 812 internet-exposed instances have been identified, with 527 located in the United States. The vulnerability allows for remote code execution via a flaw in Java deserialization.

Recommendations Upgrade SolarWinds Web Help Desk to version 12.8.3 Hotfix 2 or later. Audit all admin accounts on SolarWinds Web Help Desk. Back up critical data before applying the hotfix. Restrict access to the vulnerable module to minimize the risk of exploitation.