Security News > 2022 > March > SolarWinds warns of attacks targeting Web Help Desk instances

SolarWinds warns of attacks targeting Web Help Desk instances
2022-03-16 20:18

SolarWinds warned customers of attacks targeting Internet-exposed Web Help Desk instances and advised removing them from publicly accessible infrastructure.

"A SolarWinds customer reported an external attempted attack on their instance of Web Help Desk 12.7.5. The customer's endpoint detection and response system blocked the attack and alerted the customer to the issue," SolarWinds said.

"In an abundance of caution, SolarWinds recommends all Web Help Desk customers whose WHD implementation is externally facing to remove it from your public infrastructure until we know more."

Customers who cannot immediately remove WHD instances from Internet-exposed servers are advised to deploy EDR software and monitor them for attack attempts.

"We received a report from one customer about an attempted attack that was not successful," a SolarWinds spokesperson told BleepingComputer.

As detailed in the CVE-2021-35251 advisory, attackers could exploit unpatched WHD instances to access environmental details about the Web Help Desk installation, which might make abusing the other three security bugs easier.


News URL

https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-attacks-targeting-web-help-desk-instances/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2021-35251 Information Exposure Through an Error Message vulnerability in Solarwinds web Help Desk
Sensitive information could be displayed when a detailed technical error message is posted.
network
low complexity
solarwinds CWE-209
5.3

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215