SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

Teilen:

A critical vulnerability in SolarWinds’ Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today.

The company has released a hotfix and says that the security issue, tracked as CVE-2024-28986, is a Java deserialization that would allow an attacker to run commands on a vulnerable host machine.

Web Help Desk (WHD) is an IT help desk software that centralizes, automates, and streamlines help desk management tasks. It is widely used by large corporations, government organizations, healthcare, education, and help desk centers.

SolarWinds notes that CVE-2024-28986  was reported as a vulnerability that could be exploited without authentication but its engineers were able to reproduce it only after authenticating.

Despite this, the vulnerability has a critical severity score of 9.8 and impacts all SolarWinds Web Help Desk versions, except the latest one, 12.8.3, if it has the hotfix applied.

The vendor recommends that all WHD customers upgrade to the newest release of the software and apply the hotfix as soon as possible.

While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.

However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

The hotfix is available here as a ZIP archive and requires Web Help Desk 12.8.3.1813. Admins have to manually add and modify specific files for the patch to work.

SolarWinds has published a support article that provides complete instructions on how to apply the hotfix as well as remove it.

SolarWinds recommends  creating backup copies of the original files before replacing them, to avoid potential trouble in the case the hotfix was not applied correctly.

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

lade-bild
London, GB
11:50 am, Juli 11, 2025
Wetter-Symbol 29°C
L: 27° | H: 31°
wenige Wolken
Luftfeuchtigkeit: 44 %
Druck: 1020 mb
Wind: 7 mph E
Windböe: 0 mph
UV-Index: 0
Niederschlag: 0 mm
Wolken: 13%
Regen Chance: 0%
Sichtbarkeit: 10 km
Sonnenaufgang: 4:56 am
Sonnenuntergang: 9:15 pm
TäglichStündlich
Tägliche VorhersageStündliche Vorhersage
Today 10:00 pm
Wetter-Symbol
27° | 31°°C 0 mm 0% 8 mph 47 % 1020 mb 0 mm/h
Tomorrow 10:00 pm
Wetter-Symbol
18° | 30°°C 0 mm 0% 9 mph 65 % 1018 mb 0 mm/h
So. Juli 13 10:00 pm
Wetter-Symbol
17° | 27°°C 0 mm 0% 7 mph 73 % 1014 mb 0 mm/h
Mo. Juli 14 10:00 pm
Wetter-Symbol
20° | 29°°C 0 mm 0% 14 mph 71 % 1017 mb 0 mm/h
Di. Juli 15 10:00 pm
Wetter-Symbol
15° | 27°°C 0 mm 0% 13 mph 71 % 1021 mb 0 mm/h
Today 1:00 pm
Wetter-Symbol
29° | 29°°C 0 mm 0% 3 mph 44 % 1020 mb 0 mm/h
Today 4:00 pm
Wetter-Symbol
29° | 31°°C 0 mm 0% 5 mph 39 % 1019 mb 0 mm/h
Today 7:00 pm
Wetter-Symbol
28° | 28°°C 0 mm 0% 5 mph 33 % 1018 mb 0 mm/h
Today 10:00 pm
Wetter-Symbol
22° | 22°°C 0 mm 0% 8 mph 47 % 1019 mb 0 mm/h
Tomorrow 1:00 am
Wetter-Symbol
18° | 18°°C 0 mm 0% 4 mph 55 % 1018 mb 0 mm/h
Tomorrow 4:00 am
Wetter-Symbol
19° | 19°°C 0 mm 0% 4 mph 65 % 1018 mb 0 mm/h
Tomorrow 7:00 am
Wetter-Symbol
19° | 19°°C 0 mm 0% 6 mph 64 % 1018 mb 0 mm/h
Tomorrow 10:00 am
Wetter-Symbol
24° | 24°°C 0 mm 0% 6 mph 45 % 1017 mb 0 mm/h
Name Preis24H (%)
Bitcoin(BTC)
€100,962.14
6.40%
Ethereum(ETH)
€2,570.28
8.10%
Fesseln(USDT)
€0.85
0.02%
XRP(XRP)
€2.26
8.46%
Solana(SOL)
€140.86
4.43%
USDC(USDC)
€0.85
0.00%
Dogecoin(DOGE)
€0.170497
10.23%
Shiba Inu(SHIB)
€0.000012
7.70%
Pepe(PEPE)
€0.000011
15.16%
Peanut das Eichhörnchen(PNUT)
€0.246894
20.17%
Nach oben scrollen