SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances.

The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug.

SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine

Assigned the CVE identifier CVE-2024-5914 (CVSS score: 7.0), the shortcoming impacts all versions of Cortex XSOAR CommonScripts before 1.12.33.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the SolarWinds flaw CVE-2024-28986 to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. Federal agencies are required to apply the fixes by September 5, 2024.

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

15-August-24

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

INDIA | Chennai

INDIA | Kochi

INDIA | Thane

UK | London

USA | New York

KUWAIT

SRI LANKA

Address