This critical SolarWinds bug is already being exploited, so patch now


A critical vulnerability in a SolarWinds product is being actively exploited to run malicious code remotely on unpatched servers. Since a patch is available, users are advised to apply it immediately to secure their endpoints.

It was recently reported that SolarWinds' Web Help Desk has a Java deserialization vulnerability that allows threat actors to run code and commands remotely. The vulnerability is tracked as CVE-2024-28986 and carries a severity score of 9.8 (critical).

SolarWinds' Web Help Desk is a web-based help desk software platform designed to manage IT service requests and streamline support operations. It offers features such as ticketing management, asset management, change management, and knowledge base integration. The software allows IT teams to track and resolve issues more efficiently by automating workflows, assigning tickets, and providing self-service options for end-users.

Proof of abuse

SolarWinds pushed a patch last Wednesday, and urged its users to apply it, despite having no proof of in-the-wild exploits at the time.

"While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available," SolarWinds said.

"WHD 12.8.3 Hotfix 1 should not be applied if SAML Single Sign-On (SSO) is utilized. A new patch will be available shortly to address this problem." Before applying the fix, users should upgrade their servers to 12.8.3.1813.

A few days following the announcement, the US Cybersecurity and Infrastructure Security Agency (CISA) added the bug to its Known Exploited Vulnerabilities (KEV) catalog, which means it has evidence of in-the-wild abuse. As a result, all federal agencies have until September 5 to patch vulnerable servers, or stop using the tool altogether.

Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
