Executive Summary

SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

CVSS Score: 9.0/10.0
Severity: CRITICAL

Affected Systems

  • SolarWinds Web Help Desk

Detection & Mitigation

  • Apply vendor patches as soon as available
  • Monitor for indicators of compromise
  • Review vendor advisories for specific guidance

References