← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-28986 — Actively Exploited: Web Help Desk (SolarWinds)

SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.

CVE IDCVE-2024-28986
VendorSolarWinds
ProductWeb Help Desk
Vulnerability nameSolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
Date added2024-08-15
Remediation due2024-09-05
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionSolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →