SolarWinds recently addressed another critical vulnerability, this time in its Web Help Desk (WHD) software. Hackers can exploit the vulnerability to log into unpatched systems using hard-coded login credentials and remote Java code attacks.
The vulnerability in the WHD software allows unauthorized attackers to break into systems by using hard-coded login credentials. They can then access internal functionality and modify data on these systems. This latest vulnerability, CVE-2024-28987, was discovered by a researcher from security specialist Horizon3.ai.
Web Help Desk (WHD) is software for IT help desks. Its main users are government agencies, large corporations, and healthcare and educational institutions. It allows them to streamline and automate their help desk management tasks.
Fix solves two vulnerabilities
SolarWinds’ now-released hotfix for WHD also covers the CVE-2024-28986 discovered earlier this month. This vulnerability is a so-called Java Deserialization Remote Code Execution vulnerability. When hackers run it, they can execute commands on the vulnerable machine.
Incidentally, SolarWinds could not reproduce this vulnerability, but the software specialist recommends installing the hotfix.
Detailed instructions
SolarWinds’ security bulletin also clearly explains how companies and organizations can install and uninstall the affected hotfix. Vulnerable servers must first be upgraded to WHD version 12.8.3.1813 or 12.8.3 HF1.
It is also recommended that backups be made of all original files before replacing them while running the hotfix. This will prevent potential problems should anything go wrong during the update process.
SolarWinds has already released hotfixes for potential vulnerabilities in its software several times this year between February and July. The last patch update was in June of this year.
Also read: Critical SolarWinds bug requires immediate patching due to active exploitation