Threat Intelligence / CVE / CVE-2024-28986

CVE-2024-28986

CISA KEV

CVSS 9.8 (CRITICAL) · EPSS 75.0% · Published 2024-08-13

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-502

Threats tracking this CVE

SolarWinds Web Help Desk Deserialization RCE - CISA KEV — CRITICAL

References

https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-28986

Full detection coverage & IOCs for threats exploiting CVE-2024-28986 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence