Critical Denial-of-Service Vulnerability in SolarWinds Web Help Desk
Severity: High (Score: 69.2)
Sources: Heise.De, www.solarwinds.com
Keywords: solarwinds, help, desk, vulnerability, denial-of-service, attackers, crash
Severity indicators: vulnerability, CVE-2026-28299
Summary
SolarWinds Web Help Desk is vulnerable to a denial-of-service attack (CVE-2026-28299), which can crash the server due to insufficient memory. This vulnerability affects all versions of the software, including 2026.1 and 2026.2. Additionally, there are critical vulnerabilities (CVE-2025-12762, CVE-2025-12763, CVE-2025-12765) that allow for code execution and TLS certificate verification bypass. As of now, there are no reports of active exploitation, but users are advised to upgrade to version 2026.2 to mitigate risks. The developers have implemented fixes and improved security measures in the latest version. The vulnerabilities were publicly disclosed on June 2, 2026, and the developers have provided guidance for users on upgrading. The overall impact could disrupt IT support services across affected organizations.

Key Points:
- CVE-2026-28299 allows denial-of-service attacks, potentially crashing servers.
- Multiple critical vulnerabilities in Web Help Desk could lead to code execution.
- Users are urged to upgrade to version 2026.2 to mitigate these risks.
Detailed Analysis
**Impact**
Organizations using SolarWinds Web Help Desk are affected: the vulnerability (CVE-2026-28299) can crash the server and cause complete disruption of IT support services, impacting operational continuity. No specific sectors, geographies, or data breaches have been reported. Additional vulnerabilities in related components (pgAdmin4 and TLS verification) could allow code execution, increasing risk to affected systems.

**Technical Details**
The primary attack vector exploits insufficient memory handling in SolarWinds Web Help Desk, leading to denial of service (CVE-2026-28299). Other vulnerabilities include CVE-2025-12762 (critical code execution in pgAdmin4), CVE-2025-12763 (high severity), and CVE-2025-12765 (TLS certificate verification bypass). Exploitation results in server crashes or remote code execution, affecting the availability and integrity of the system. No malware, tools, or IOCs are specified.

**Recommended Response**
Apply SolarWinds Web Help Desk updates sequentially: upgrade first to version 2026.1, then to 2026.2, which addresses all known vulnerabilities. Enforce TLS 1.2 or 1.3 and the cipher suites recommended for the latest version. Monitor for abnormal server crashes or memory-exhaustion events. No specific detection signatures or IOCs are provided; focus on patch management and operational monitoring.
Source articles (2)
- Attackers can disable SolarWinds Web Help Desk — Heise.De · 2026-06-03
  SolarWinds' IT support software Web Help Desk is vulnerable. Attackers can crash instances or even execute malicious code. One security vulnerability is in the software itself, while other vulnerabili…
- SolarWinds Web Help Desk Denial-of-Service Vulnerability (CVE-2026-28299) — www.solarwinds.com · 2026-06-05
  SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory. SolarWinds Web He…
Timeline
- 2025-11-13 — CVE-2025-12762, CVE-2025-12763, CVE-2025-12765 published: Critical vulnerabilities were disclosed that could allow code execution and TLS bypass in pgAdmin4 and Web Help Desk.
- 2026-06-02 — CVE-2026-28299 published: SolarWinds disclosed a denial-of-service vulnerability affecting Web Help Desk, allowing server crashes.
- Recent — Users advised to upgrade to version 2026.2: SolarWinds recommends upgrading to the latest version to address vulnerabilities and improve security.
CVEs
Related entities
- DDoS (Attack Type)
- Malware (Attack Type)
- CWE-400 - Uncontrolled Resource Consumption (CWE)
- german.it (Domain)
- SolarWinds Web Help Desk (Platform)