SolarWinds Web Help Desk vulnerability rated critical (CVSS 9.8)
SolarWinds Urges Patch for Critical Web Help Desk Vulnerability
SolarWinds has issued a warning to users of its Web Help Desk application, a popular IT management and help desk ticketing solution, regarding a critical Java deserialization remote code execution vulnerability (CVE-2024-28986). The vulnerability, which has a CVSS score of 9.8, indicating critical severity, was first detected and tagged by Shadowserver on August 22, 2024.
The vulnerability affects versions 12.8.3 and earlier of SolarWinds Web Help Desk. Users of these versions are advised to apply the hotfix out of an abundance of caution, as the vulnerability has been confirmed as exploited in the wild and is listed in the Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) catalog.
However, the patch should not be applied if Security Assertion Markup Language (SAML) single sign-on (SSO) is in use, as a separate patch will be issued to address that scenario. The patch can be downloaded from the SolarWinds customer portal.
The patch does not require reinstalling the entire application. SolarWinds Web Help Desk versions 12.8.4 and later are not affected by the vulnerability.
SolarWinds disclosed the vulnerability in a Tuesday advisory, which was last updated on Friday. The company has not yet given a timeline for the release of the patch covering deployments that use SAML SSO.
The SolarWinds Web Help Desk application is widely used by small to mid-sized businesses and is also popular among companies with remote workers. SolarWinds recommends that users test the patch in a non-production environment before applying it to production systems.
Despite the confirmed exploitation of the vulnerability, the Cybersecurity and Infrastructure Security Agency has not reported any known exploitation of the vulnerability in the wild.