SolarWinds的IT服務臺系統存在重大漏洞,疑似已出現未經授權的攻擊行動
支付動態 · 2024-10-18
SolarWinds旗下IT服務臺系統Web Help Desk出現重大層級漏洞CVE-2024-28988,若不處理,攻擊者就有機會遠端於受害系統執行任意程式碼,呼籲用戶儘速安裝更新
本週SolarWinds針對旗下的IT服務臺系統Web Help Desk發布資安公告,指出該系統存在重大層級的CVE-2024-28988,這項漏洞涉及Java的去序列化處理,攻擊者有機會遠端執行程式碼(RCE),影響12.8.3 HF2版以前的系統,CVSS風險評為9.8分,該公司推出12.8.3 HF3修補,並呼籲用戶儘速套用。
SolarWind之所以發現這項漏洞,是因為接獲趨勢科技漏洞懸賞專案Zero Day Initiative(ZDI)的通報,研究人員在調查另一項漏洞的過程,發現了CVE-2024-28988。
值得留意的是,ZDI在調查漏洞的過程,觀察到未經授權的攻擊行動,這代表該漏洞可能已被駭客掌握,並實際嘗試利用的現象。
Popular articles
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
Indiana online casino bill stalls in House committee
Regulation
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
British gambling levy rates confirmed for each vertical
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
