A critical vulnerability has been identified in SolarWinds Web Help Desk (WHD), a popular service management software used by IT support teams. The flaw is currently being actively exploited, which is why it has been included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog.
| Product | SolarWinds Web Help Desk |
| Date | 2024-10-17 12:38:15 |
| Information |
|
Technical Summary
CVE-2024-28987 allows unauthenticated remote attackers to access internal functionality using hardcoded credentials. This vulnerability enables attackers to modify data within the system, potentially resulting in data breaches or further malicious activity.
Recommendations
Apply the latest available patches immediately. Agencies must update to version 12.8.3 Hotfix 2 or higher by November 5, 2024, to secure their networks and prevent unauthorized access or data compromise.
[Callforaction-THREAT-Footer]
