T-Update

Information about vulnerabilities

This live blog contains information regarding vulnerabilities in SolarWinds Web Help Desk. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. Last updated on March 19, 2022.

Update March 19, 2022

10:00 | Recently, Solarwinds shared information about a remote attack on SolarWinds Web Help Desk (WHD) version 12.7.5. This information was shared by a SolarWinds customer. little information is known yet. SolarWinds is currently investigating this vulnerability. They have not yet been able to reproduce this scenario and are working with the client to continue the investigation.

Tesorion and SolarWinds are advising all SolarWinds Web Help Desk customers whose WHD implementation is externally accessible to remove it (temporarily) from the public (Internet-facing) infrastructure before we know more. If you are unable to remove it from your public infrastructure at this time, we recommend that you ensure that you have added EDR software and are monitoring the WHD environment.

‍

Customized cyber security

Background

A SolarWinds customer reported a remote attack attempt on their copy of Web Help Desk (WHD) 12.7.5. The SolarWinds customer’s endpoint detection and response system (EDR) blocked the attack and notified the SolarWinds customer of the issue. For more information, see the SolarWinds message.

Risk

Advice

Sources

More information:

SolarWinds melding

Sign up to receive T-Updates

Receive the latest vulnerabilities in your email every Wednesday

More than 1,000 organisations have already joined us.

Expertise

Cyber emergency?

088 27 47 800