Which versions of Web Help Desk are affected by CVE-2024-28987?

The vulnerability affects Web Help Desk versions prior to 12.8.3.1813 or 12.8.3 HF1. Users should update to Web Help Desk 12.8.3 Hotfix 2, which patches this issue.

What steps should administrators take before applying the hotfix?

Administrators should back up all original files before applying the hotfix to mitigate any issues in case the fix does not apply correctly. They should also ensure their systems are upgraded to the specified versions before deploying the latest hotfix.

Advisory

SolarWinds fixes second critical flaw in Web Help Desk in a week

Q: What is the new critical vulnerability in SolarWinds Web Help Desk (WHD)?

The new critical vulnerability in SolarWinds Web Help Desk (WHD) is tracked as CVE-2024-28987, with a CVSS score of 9.1. It allows attackers to log into unpatched systems using hardcoded credentials, granting unauthorized access to internal functionality and enabling data modification.

Q: What other vulnerability is addressed in this hotfix?

This hotfix also carries the patch for the previously reported critical remote code execution (RCE) vulnerability, CVE-2024-28986, which was fixed on August 14 and reported by CISA as being actively exploited.

published: Aug. 22, 2024

Take action: Another critical flaw in Web Help Desk - this one is with hardcoded credentials. Review the patch instructions and test the patch. If your WHD is not exposed on the internet, you can wait for the full patch. Otherwise, follow the instructions and apply the hotfix, or you will be hacked - hackers love SolarWinds products. After the release of the PoC, it's time to patch urgently, because hackers now have all the details to attack you.

Learn More

SolarWinds has released a hotfix for another critical vulnerability in its Web Help Desk (WHD) software. Web Help Desk is widely deployed by government agencies, large corporations, healthcare institutions, and educational organizations to manage IT help desk operations.

The second critical flaw in a week is tracked as CVE-2024-28987 (CVSS score 9.1) allows attackers to log into unpatched systems using hardcoded credentials, granting unauthorized access to internal functionality and enabling data modification on compromised devices.

The vulnerability affects versions prior to Web Help Desk 12.8.3.1813 or 12.8.3 HF1. Users are strongly advised to update to Web Help Desk 12.8.3 Hotfix 2, which patches this issue.

Administrators are instructed to back up all original files before applying the hotfix to mitigate any issues in case the fix does not apply correctly. The company also emphasizes the importance of upgrading to the specified versions before deploying the latest hotfix.

In addition to CVE-2024-28987, this hotfix carries the patch for the previously reported critical remote code execution (RCE) vulnerability, CVE-2024-28986, which was fixed on August 14 and reported by CISA as being actively exploited.

Update - as of 25th of September 2024, details and proof-of-concept (PoC) exploit code for CVE-2024-28987 have been made public. Administrators are urged to patch soon.

SolarWinds fixes second critical flaw in Web Help Desk in a week

Read More
ChatGPT-Next-Web user interface vulnerable to critical SSRF flaw
Bitdefender Total Security fixes multiple flaws classified as …
Critical Remote Code Execution Vulnerability in OpenSSH's Server
Atlassian releases security updates for server instances
Critical flaw in SUSE Manager exposes enterprise deployments …