ClickySkip to main content
Need help with a cyber incident now?
Call 24/7: +31 88-2747800

SolarWinds Web Help Desk vulnerability

This live blog contains information regarding vulnerabilities in SolarWinds Web Help Desk. As soon as we have an update, we’ll add it to this post. More information about possible risks and details can be found at the bottom of this blog. Last updated on March 19, 2022.

Update March 19, 2022

10:00 | Recently, Solarwinds shared information about a remote attack on SolarWinds Web Help Desk (WHD) version 12.7.5. This information was shared by a SolarWinds customer. little information is known yet. SolarWinds is currently investigating this vulnerability. They have not yet been able to reproduce this scenario and are working with the client to continue the investigation.

Tesorion and SolarWinds are advising all SolarWinds Web Help Desk customers whose WHD implementation is externally accessible to remove it (temporarily) from the public (Internet-facing) infrastructure before we know more. If you are unable to remove it from your public infrastructure at this time, we recommend that you ensure that you have added EDR software and are monitoring the WHD environment.

Reason and background of this blog

This blog contains information about vulnerabilities, the possible risk and advice on how to prevent or limit damage. Below are the possible risks, details and background information.

Potential risk

A SolarWinds customer reported a remote attack attempt on their copy of Web Help Desk (WHD) 12.7.5. The SolarWinds customer’s endpoint detection and response system (EDR) blocked the attack and notified the SolarWinds customer of the issue. For more information, see the SolarWinds message.

Detail info

The known information is limited. We keep you updated.

A SolarWinds customer reported a remote attack attempt on their copy of Web Help Desk (WHD) 12.7.5. The SolarWinds customer’s endpoint detection and response system (EDR) blocked the attack and notified the SolarWinds customer of the issue. For more information, see the SolarWinds message.

Background

A SolarWinds customer reported a remote attack attempt on their copy of Web Help Desk (WHD) 12.7.5. The SolarWinds customer’s endpoint detection and response system (EDR) blocked the attack and notified the SolarWinds customer of the issue. For more information, see the SolarWinds message.

Subscribe

Do you want to be informed in time? Sign up for our technical updates

Would you like to receive these critical vulnerabilities by e-mail from now on? Enter your e-mail address below.

Tesorion uses your personal data to send out requested information and possibly for contact by telephone and for marketing and sales purposes. You can change your preferences whenever you want. Read our privacy policy for more information.