SolarWinds Releases Patch for Critical Bug in Web Help Desk Software

August 15, 2024 | Ravie Lakshmanan | Corporate Security / Vulnerability

SolarWinds has released patches to address a critical vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on vulnerable instances.

The vulnerability, identified as CVE-2024-28986 (CVSS score: 9.8), is described as a deserialization bug.

“SolarWinds Web Help Desk was exposed to a Java deserialization remote code execution vulnerability. If exploited, this vulnerability could allow an attacker to execute commands on the host computer,” the company said in an alert.

“Although it was reported as an unauthenticated vulnerability, after extensive testing SolarWinds was unable to reproduce it without authentication.”

The issue affects all versions of SolarWinds Web Help Desk up to and including 12.8.3. It is resolved in hotfix version 12.8.3 HF 1.

The announcement follows Palo Alto Networks' patching of a high-severity vulnerability in Cortex XSOAR that could lead to command injection and code execution.

The flaw, tracked as CVE-2024-5914 (CVSS score: 7.0), affects all versions of the Cortex XSOAR CommonScripts pack prior to 1.12.33.

“A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container,” the company said.

“To be visible, an integration must use the ScheduleGenericPolling or GenericPollingScheduledTask scripts from the CommonScripts package.”

Palo Alto Networks also addressed two moderate-severity issues:

  • CVE-2024-5915 (CVSS score: 5.2) – A privilege escalation (PE) vulnerability in the GlobalProtect app on Windows devices that could allow a local user to run programs with elevated privileges
  • CVE-2024-5916 (CVSS Score: 6.0) – An information exposure vulnerability in PAN-OS software that could allow a local system administrator to access secrets, passwords, and tokens of remote systems

Users are advised to update to the latest version to reduce potential risks. As a precaution, it is also recommended to revoke the secrets, passwords, and tokens configured in PAN-OS firewalls after the upgrade.