https://community.isc2.org/t5/Threats/CISA-warns-critical-SolarWinds-RCE-bug-is-exploited-in-attacks/m-p/73255#M1356 <P>Hi All</P><P>&nbsp;</P><P>CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support.</P><P>Web Help Desk (WHD) is IT help desk software widely used by large corporations, government agencies, and healthcare and education organizations worldwide to centralize, automate, and streamline help desk management tasks.</P><P>Tracked as <A href="https://nvd.nist.gov/vuln/detail/CVE-2024-28986" target="_blank" rel="nofollow noopener">CVE-2024-28986</A>, this Java deserialization security flaw allows threat actors to gain remote code execution on vulnerable servers and run commands on the host machine following successful exploitation.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/cisa-warns-critical-solarwinds-rce-bug-is-exploited-in-attacks/" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-critical-solarwinds-rce-bug-is-exploited-in-attacks/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Tue, 20 Aug 2024 02:19:35 GMT Caute_cautim 2024-08-20T02:19:35Z https://community.isc2.org/t5/Threats/CISA-warns-critical-SolarWinds-RCE-bug-is-exploited-in-attacks/m-p/73255#M1356 <P>Hi All</P><P>&nbsp;</P><P>CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support.</P><P>Web Help Desk (WHD) is IT help desk software widely used by large corporations, government agencies, and healthcare and education organizations worldwide to centralize, automate, and streamline help desk management tasks.</P><P>Tracked as <A href="https://nvd.nist.gov/vuln/detail/CVE-2024-28986" target="_blank" rel="nofollow noopener">CVE-2024-28986</A>, this Java deserialization security flaw allows threat actors to gain remote code execution on vulnerable servers and run commands on the host machine following successful exploitation.</P><P>&nbsp;</P><P><A href="https://www.bleepingcomputer.com/news/security/cisa-warns-critical-solarwinds-rce-bug-is-exploited-in-attacks/" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-warns-critical-solarwinds-rce-bug-is-exploited-in-attacks/</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Tue, 20 Aug 2024 02:19:35 GMT https://community.isc2.org/t5/Threats/CISA-warns-critical-SolarWinds-RCE-bug-is-exploited-in-attacks/m-p/73255#M1356 Caute_cautim 2024-08-20T02:19:35Z