August 22, 2024 at 06:48PM
SolarWinds has acknowledged a critical security flaw (CVE-2024-28987) in its Web Help Desk (WHD) product, affecting versions 12.8.3 HF1 and earlier. The flaw lets a remote, unauthenticated attacker reach internal functionality and modify data. A hotfix, 12.8.3 HF2, has been released to address it. A separate critical vulnerability (CVE-2024-28986) has also been identified; it can be exploited for remote code execution.
Based on the meeting notes, it is clear that SolarWinds has identified and addressed a critical security oversight in its Web Help Desk product. The vulnerability, tracked as CVE-2024-28987, is rated critical (CVSS 9.1) and affects every WHD release up to and including 12.8.3 HF1. SolarWinds has released a hotfix, 12.8.3 HF2, to address the issue, and users are encouraged to install it immediately.
It is concerning that the vulnerability involves hardcoded credentials. Because such credentials are baked into the product rather than set per installation, a customer cannot rotate them, and anyone who extracts them from one copy of the software can reuse them against every unpatched instance; the vendor's hotfix is the only real remedy. Given SolarWinds' broad customer base across government and enterprise clients, installing the hotfix should be prioritized to mitigate the risk of exploitation.
In addition, a separate critical flaw, tracked as CVE-2024-28986, has been added to CISA's Known Exploited Vulnerabilities catalog, which means CISA has evidence that it is being exploited in the wild. This flaw is a Java deserialization remote code execution vulnerability, also rated critical (CVSS 9.8). Organizations running Web Help Desk should be aware of both vulnerabilities and patch their systems immediately.
SolarWinds did not immediately respond to The Register's questions about the CVE and whether it is under active attack. Our organization should monitor the situation closely and take proactive measures to secure our systems.
In summary, promptly installing the hotfix provided by SolarWinds is recommended to mitigate the risks associated with these critical vulnerabilities. Because CVE-2024-28986 is listed as known to be exploited, internet-exposed Web Help Desk instances should also be reviewed for signs of compromise that predate the patch, since patching alone does not evict an attacker who is already inside.