CVE-2024-28986

Known Exploited
SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability

Description

SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

Remediation

Solution:

  • All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1

Category

CVSS 3.1: 9.8
Severity: Critical
EPSS: 32.62% (Top 5%)
KEV Since 
Vendor Advisory: solarwinds.com
Affected: SolarWinds Web Help Desk
Published at:
Updated at:

References

Frequently Asked Questions

What is the severity of CVE-2024-28986?
CVE-2024-28986 has been scored as a critical severity vulnerability.
How to fix CVE-2024-28986?
To fix CVE-2024-28986: All SolarWinds Web Help Desk customers are advised to upgrade to the latest version of the SolarWinds Web Help Desk 12.8.3 HF 1
Is CVE-2024-28986 being actively exploited in the wild?
It is confirmed that CVE-2024-28986 is actively exploited. Be extra cautious if you are using vulnerable components. According to its EPSS score, there is a ~33% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-28986?
CVE-2024-28986 affects SolarWinds Web Help Desk.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.