ICS: Multiple Siemens Products Vulnerabilities
August 15, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
August 15, 2024ICS: Multiple Siemens Products Vulnerabilities
August 15, 2024SideWinder APT Group aka Rattlesnake Targeting Pakistan – Active IOCs
August 15, 2024Severity
High
Analysis Summary
CVE-2024-28986
SolarWinds Web Help Desk could allow a remote attacker to execute arbitrary code on the system, caused by a Java deserialization vulnerability. An attacker could exploit this vulnerability to run commands on the host machine.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-28986
Affected Vendors
Affected Products
- SolarWinds Web Help Desk - 12.8.3
Remediation
Upgrade to the latest version of Web Help Desk, available from the SolarWinds Website.