CyberSecurity updates
Updated: 2024-10-22 07:45:27 Pacific


Andres Ramos @ Arctic Wolf
Critical Java Deserialization Vulnerability in SolarWinds Web Help Desk - 4d

A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-28988, affects SolarWinds Web Help Desk (WHD), a widely used IT service management product. The vulnerability stems from a Java deserialization flaw that could enable a remote, unauthenticated attacker to execute arbitrary code on vulnerable WHD instances. The flaw could allow an attacker to gain full control of the affected system, potentially leading to data theft, system compromise, and other malicious activities. SolarWinds has released a hotfix to address this vulnerability, and organizations using WHD are strongly advised to apply the patch immediately to mitigate the risk.

do son @ Vulnerability Archives
CISA Adds Three Actively Exploited Vulnerabilities to KEV Catalog, Urges Urgent Patching - 11d

The US Cybersecurity and Infrastructure Security Agency (CISA) has added three new security vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, due to confirmed reports of active exploitation in the wild. These vulnerabilities pose significant risks to organizations and require immediate attention. The three vulnerabilities added to the KEV Catalog include a format string vulnerability in multiple Fortinet products, a SQL injection vulnerability in Ivanti Cloud Services Appliance (CSA), and an OS command injection vulnerability in Ivanti CSA. The addition of these vulnerabilities to the KEV Catalog highlights the ongoing threat posed by malicious cyber actors who actively exploit known vulnerabilities. CISA urges all organizations to prioritize timely remediation of vulnerabilities listed in the KEV Catalog as part of their vulnerability management practices to reduce their exposure to cyberattacks.


This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.