CyRisk Vulnerability Management Team : Feb 23, 2024 4:42:48 PM
SUBJECT: Critical RCE Vulnerability (CVE-2024-0519) in Google Chrome - Update Immediately
TECH STACK: Google Chrome versions prior to 120.0.6099.224
DATE(S) ISSUED: 01/16/2024
NVD Last Modified: 01/22/2024
CRITICALITY: HIGH (Base Score 8.8)
OVERVIEW:
A critical remote code execution (RCE) vulnerability exists in Google Chrome due to an out-of-bounds memory access in V8. This vulnerability allows attackers to potentially exploit heap corruption via a crafted HTML page, leading to the execution of arbitrary code on affected devices. This vulnerability is actively exploited in the wild, posing a significant risk to users browsing the internet with vulnerable versions of Chrome.
SOLUTION/MITIGATION:
The most effective mitigation is to update Google Chrome to version 120.0.6099.224 or later as soon as possible. This update patches the vulnerability and significantly reduces the risk of exploitation.
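To confirm the update has landed across a fleet, the following added example (not part of the original advisory) compares reported Chrome version strings against the fixed version stated above. The host names and the inventory format are assumptions; the version strings are constructed samples in the form printed by `google-chrome --version`.

```python
import re

# Fixed version named in this advisory; builds below it are treated as exposed.
FIXED_VERSION = (120, 0, 6099, 224)

# Chrome reports four dot-separated numeric components, e.g. "Google Chrome 120.0.6099.216".
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")


def parse_chrome_version(text):
    """Return the version as a tuple of ints, or None if no version is present."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(version_output):
    """Classify one host's reported version string against FIXED_VERSION."""
    version = parse_chrome_version(version_output)
    if version is None:
        return "unknown"  # Chrome missing or output unreadable: needs manual review
    # Tuples compare numerically, so 99.x sorts below 120.x (string comparison would not).
    return "patched" if version >= FIXED_VERSION else "vulnerable"


def audit(inventory):
    """Group host names by status for an iterable of (host, version_output) pairs."""
    report = {"vulnerable": [], "patched": [], "unknown": []}
    for host, version_output in inventory:
        report[classify(version_output)].append(host)
    return report


# Constructed sample inventory (hypothetical hosts and outputs, not real data).
SAMPLE_INVENTORY = [
    ("ws-01", "Google Chrome 120.0.6099.216"),
    ("ws-02", "Google Chrome 120.0.6099.224"),
    ("ws-03", "Google Chrome 121.0.6167.85"),
    ("ws-04", "Google Chrome 99.0.4844.51"),
    ("ws-05", "google-chrome: command not found"),
]

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts in the "unknown" group returned no parseable version and should be checked by hand rather than assumed patched.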
Additional mitigation steps: