This critical SolarWinds bug is already being exploited, so patch now

A critical vulnerability affecting a SolarWinds product is being actively exploited to remotely execute malicious code on compromised servers. As the patch is available, users are advised to apply it immediately to secure their endpoints.

It was recently reported that SolarWinds’ Web Help Desk has a Java deserialization security vulnerability, allowing threat actors to execute code and commands remotely. The vulnerability is tracked as CVE-2024-28986 and has a severity rating of 9.8 (critical).