CVE-2024-28986

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 13, 2024

Updated: Aug 16, 2024

CWE ID 502

Summary

CVE-2024-28986 is a Java Deserialization Remote Code Execution vulnerability affecting SolarWinds Web Help Desk. If exploited, an attacker could gain control of the host machine. Although initially reported as an unauthenticated vulnerability, SolarWinds has not been able to reproduce it without authentication. As a precautionary measure, SolarWinds urges all Web Help Desk customers to install the available patch to mitigate potential risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

SolarWinds Web Help Desk

Affected Vendors

Web Help Desk
SolarWinds Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vJEaCS
https://www.cve.org/CVERecord?id=CVE-2024-28986
https://nvd.nist.gov/vuln/detail/CVE-2024-28986

Back to Vulnerability Database