August 23, 2024 at 03:00PM SolarWinds has released a patch for a second critical vulnerability in its Web Help Desk software, addressing hardcoded credentials that could allow remote attackers to modify data. The patch also addresses a previous Java deserialization issue. Customers are urged to update immediately to mitigate potential exploitation by threat actors. Based … Read more
August 16, 2024 at 06:10AM CISA warned of a critical vulnerability in SolarWinds Web Help Desk, CVE-2024-28986, allowing remote code execution. SolarWinds released a patch but noted an authentication requirement for successful exploitation. The flaw affects versions 12.4 to 12.8 and has been observed in the wild. Federal agencies must address vulnerable instances by September … Read more
August 15, 2024 at 10:51AM SolarWinds has released a patch to fix a critical security flaw in its Web Help Desk software (CVE-2024-28986) that could allow remote code execution. Palo Alto Networks also addressed high and moderate-severity vulnerabilities in Cortex XSOAR and GlobalProtect, urging users to update to the latest versions to reduce risks and … Read more
August 15, 2024 at 09:21AM SolarWinds has released a hotfix for a critical-severity vulnerability in Web Help Desk, allowing remote attackers to execute arbitrary code. The CVE-2024-28986 affects versions 12.4 to 12.8, requiring the installation of version 12.8.3.1813. SolarWinds advises customers to upgrade, download the hotfix, and apply it, providing detailed installation instructions in their … Read more
August 14, 2024 at 11:28AM A critical vulnerability in SolarWinds’ Web Help Desk solution allows for remote code execution due to a Java deserialization flaw (CVE-2024-28986). The company released a hotfix for the issue, impacting all versions except 12.8.3 with the hotfix applied. Users are advised to upgrade to the latest version and apply the … Read more