This critical SolarWinds bug is already being exploited, so patch now

News
By published

A few days after being unveiled, there is already evidence of abuse

Padlock against circuit board/cybersecurity background
(Image credit: Future)

A critical vulnerability plaguing a SolarWinds product is being actively exploited to remotely run malicious code on flawed servers. Since the patch is available, users are advised to apply it immediately and thus secure their endpoints.

It was recently reported SolarWinds' Web Help Desk has a Java deserialization security vulnerability, that allows threat actors to run code and commands, remotely. The vulnerability is tracked as CVE-2024-28986 and carries a severity score of 9.8 (critical).

SolarWinds' Web Help Desk is a web-based help desk software platform designed to manage IT service requests and streamline support operations. It offers features such as ticketing management, asset management, change management, and knowledge base integration. The software allows IT teams to track and resolve issues more efficiently by automating workflows, assigning tickets, and providing self-service options for end-users.

Proof of abuse

SolarWinds pushed a patch last Wednesday, and urged its users to apply it, despite having no proof of in-the-wild exploits at the time.

"While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available," SolarWinds said.

"WHD 12.8.3 Hotfix 1 should not be applied if SAML Single Sign-On (SSO) is utilized. A new patch will be available shortly to address this problem." Before applying the fix, users should upgrade their servers to 12.8.3.1813.

A few days following the announcement, the US Cybersecurity and Infrastructure Security Agency (CISA) added the bug to its Known Exploited Vulnerabilities (KEV) catalog, which means it has evidence of in-the-wild abuse. As a result, all federal agencies have until September 5 to patch vulnerable servers, or stop using the tool altogether.

Via BleepingComputer

More from TechRadar Pro

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Representational image depecting cybersecurity protection
Hackers are breaking SonicWall products to target business networks
A VPN runs on a mobile phone placed on a laptop keyboard
SonicWall firewalls hit by worrying cyberattack
Best free Linux firewalls
Fortinet warns a critical vulnerability in its systems could let attackers breach company networks
Best free Linux firewalls
SonicWall tells admins to patch worrying SSLVPN flaw immediately
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
Representational image depecting cybersecurity protection
Ivanti reveals major security update, so make sure you're protected
Latest in Security
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Latest in News
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 23 (game #385)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 23 (game #651)
Google Pixel 9 Pro Fold main display opened
Apple is rumored to be prioritizing battery life on the foldable iPhone – which could also feature a liquid metal hinge for added durability
Google Pixel 9
The Google Pixel 10 just showed up in Android code – and may come with a useful speed boost
L-mount alliance
Sirui joins L-Mount Alliance to deliver its superb budget lenses for Leica, DJI, Sigma and Panasonic cameras
More about security
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)

This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
MSI Roamii BE Lite

I reviewed the MSI Roamii BE Lite – it's affordable Wi-Fi 7, but there's a catch
See more latest
Most Popular
Vinpower iXFlash and iXFlash Cube
This tiny 2TB USB Flash drive can both charge and backup your iPhone at the same time
Compal Adapt X modular laptop
One of the largest laptop manufacturers releases concept pictures of Adapt X, a modular laptop in the same vein as Framework
Anycubic foldable portable 3D printer
Anycubic may launch this gorgeous foldable portable 3D printer any day soon, and I can't wait to try it out
HP Fury G1i 18"
'2-inches gets you 30% more screen': HP is pitching 18-inch laptop as the best new thing in tech
Framework Desktop
Framework's Desktop is selling like hot cakes; Ryzen Max+ 395, Max 383 batches are sold out with next shipment in Q3
Quordle on a smartphone held in a hand
Quordle hints and answers for Sunday, March 23 (game #1154)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Sunday, March 23 (game #651)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Sunday, March 23 (game #385)
Google Pixel 9 Pro Fold main display opened
Apple is rumored to be prioritizing battery life on the foldable iPhone – which could also feature a liquid metal hinge for added durability
A person using a smartphone with an ecommerce website showing on a laptop.
Consumers are warming up to AI assistants, survey finds - 1/3 of us would allow AI to make purchases