Patch Now: Second SolarWinds Critical Bug in Web Help Desk

August 23, 2024 at 03:00PM

SolarWinds has released a patch for a second critical vulnerability in its Web Help Desk software, addressing hardcoded credentials that could allow remote attackers to modify data. The patch also addresses a previous Java deserialization issue. Customers are urged to update immediately to mitigate potential exploitation by threat actors.

SolarWinds has recently released a patch for two critical vulnerabilities in its Web Help Desk (WHD) software. The first vulnerability, tracked as CVE-2024-28986, involved a Java deserialization issue that could have allowed an attacker to run commands on a targeted machine. This vulnerability was considered critical and was added to CISA's catalog of known exploited vulnerabilities, indicating that active exploitation by threat actors was already underway.

The second vulnerability, tracked as CVE-2024-28987, concerns hardcoded credentials that could allow a remote, unauthenticated attacker to break into WHD and modify data. This vulnerability was also deemed critical and has existed in the product for several years. SolarWinds has released a patch that incorporates fixes for both issues, and customers are advised to update immediately.

It is also important to note that repeated security reviews of the same application are valuable, according to Horizon3.ai vulnerability researcher Zach Hanley. He emphasized the potential risks associated with unauthenticated access to help desk tickets and stressed the importance of maintaining security measures.

In summary, SolarWinds has addressed these critical bugs through urgent fixes, and it is imperative for customers to promptly update their systems to mitigate the associated security risks.
