Critical Vulnerability in SolarWinds Web Help Desk

Published on 15 Aug 2024

SolarWinds has released security updates addressing a critical vulnerability (CVE-2024-28986) in their Web Help Desk solution. The vulnerability has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10.

Successful exploitation of the Java deserialisation vulnerability may allow an attacker to perform remote code execution attacks on the vulnerable machine.

The vulnerability affects all versions of Web Help Desk prior to 12.8.3.

Users and administrators of affected products are advised to update to the latest versions immediately.

More information is available here: