1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Critical severity flaw warning issued by CISA for SolarWinds Web

    From TechnologyDaily@1337:1/100 to All on Wed Oct 16 18:15:05 2024
    Critical severity flaw warning issued by CISA for SolarWinds Web Help Desk

    Date:
    Wed, 16 Oct 2024 17:02:00 +0000

    Description:
    A bug discovered last summer is being actively exploited so make sure you apply the patch.

    FULL STORY ======================================================================

    A critical vulnerability in a SolarWinds product is being abused in the wild, and now US government agencies have a deadline to patch it or lose it.

    The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-28987 to its Known Exploited Vulnerabilities (KEV) catalog. When a vulnerability is added to this list, it means there is evidence of
    in-the-wild abuse.

    This flaw resides in Web Help Desk, a web-based IT service management
    software that streamlines and automates help desk ticketing, asset
    management, and IT service management processes. It is considered one of SolarWinds most popular products, and offers things like ticketing, incident and problem management, and a self-service portal. IT support teams around
    the world are using this product every day. Deadline to patch

    The bug is the result of a simple oversight by the SolarWinds team - admin credentials were left hardcoded in Web Help Desk. That means that miscreants can access their targets endpoints easily, by logging in as an admin. This flaw carries a severity score of 9.1/10 and is deemed critical. It affects
    Web Help Desk 12.8.3 HF1 and all previous versions.

    The earliest clean version is 12.8.3 HF2.

    Since the patch is available, federal agencies have a three-week deadline (by November 5) to apply it. It needs to be applied manually, as there is no automatic solution. Alternatively, they can stop using the tool altogether.

    Hardcoded credentials are a frequent occurrence. In October last year, for example, it was found that Cisco Emergency Responder (CER), the companys emergency communication system used to respond to crises in a timely manner, had hardcoded credentials . In March 2024, researchers found that millions of GitHub projects had the same problem.

    CISA did not detail who the crooks are, who they are targeting with this vulnerability, or how it is being exploited in the real world.

    Via The Hacker News More from TechRadar Pro SolarWinds left some serious security flaws in its Web Desk Help platform, and now it's under attack
    Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/critical-severity-flaw-warning-issued-b y-cisa-for-solarwinds-web-help-desk


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)