SolarWinds Urges Upgrade After Revealing Critical RCE Bug

Summary: SolarWinds has issued an urgent advisory for customers to patch a critical vulnerability (CVE-2024-28986) in its Web Help Desk platform, which could allow remote code execution. The vulnerability has a high CVSS score of 9.8, emphasizing the need for immediate action to secure affected systems.

Threat Actor: Unknown
Victim: SolarWinds customers

Key Points:

  • Critical vulnerability CVE-2024-28986 allows remote code execution via Java deserialization.
  • All versions of Web Help Desk must be upgraded to WHD 12.8.3 and a hotfix applied.
  • SolarWinds recommends backing up files before applying the hotfix.
  • A US judge dismissed most SEC charges against SolarWinds related to a 2021 security breach, citing lack of evidence for concealment of security weaknesses.

IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform.

CVE-2024-28986 is a Java deserialization remote code execution (RCE) bug discovered by Inmarsat Government researchers, according to an advisory published yesterday.

“SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine,” it explained.

“While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.”

The vendor said that all versions of Web Help Desk (WHD) should be upgraded to WHD 12.8.3, and then the hotfix should be installed.

CVE-2024-28986 has been given a CVSS v3 score of 9.8, illustrating the criticality of patching the issue immediately. SolarWinds has published instructions on how to upgrade to WHD 12.8.3 and install the hotfix, as well as how to uninstall it if required.


The firm also suggested that customers back up several files before applying the hotfix.

SolarWinds Faces Legal Scrutiny

In July, a US judge dismissed most of the charges brought by the SEC against SolarWinds for a 2021 security breach, which impacted thousands of customers.

He ruled that claims that SolarWinds and CISO Timothy Brown concealed the firm’s security weaknesses after the incident, thereby defrauding their investors, were based on “hindsight and speculation.”

The judge also dismissed SEC claims that the firm effectively hid cybersecurity weaknesses in its products before the attack.

However, he did rule that there are legitimate concerns about the failure of security controls embedded in SolarWinds products.

Source: https://www.infosecurity-magazine.com/news/solarwinds-upgrade-critical-rce-bug