SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability - 北京赛克艾威科技有限公司

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

北京赛克艾威科技有限公司 2024-08-15

漏洞编号：CVE-2024-28986
漏洞等级：严重
漏洞标签：SolarWinds、Web Help Desk、在野利用
发布时间：2024-08-15

漏洞描述

SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could allow for remote code execution.

修复建议

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

参考链接

https://www.solarwinds.com/trust-center/security-advisories/cve-2024-28986

https://www.cisa.gov/known-exploited-vulnerabilities-catalog