CVE-2025-40537
Published 2026-01-28
| Priority | CVSS 3.1 base | Vector | EPSS | EPSS percentile |
|---|---|---|---|---|
| P3 (51, high) | 7.5 | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 0.53% | 41.0th |
SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | web_help_desk | < 2026.1 | 2026.1 |
| solarwinds | web_help_desk | — | — |
No detection rules found.
No public exploits indexed.
Bleepingcomputer (blogs_bleepingcomputer) · 2026-02-03 · CVSS 7.5
CVE-2025-40551 [HIGH]
## CISA flags critical SolarWinds RCE flaw as exploited in attacks
By Sergiu Gatlan
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days.
Tracked as CVE-2025-40551, this security flaw stems from an untrusted data deserialization weakness discovered and reported by Horizon3.ai security researcher Jimi Sebree, which can allow unauthenticated attackers to gain remote command execution on unpatched devices.
"SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution which would allow an attacker to run commands on the host machine," the company explained on January 28 when it released Web
Bleepingcomputer (blogs_bleepingcomputer) · 2026-01-28 · CVSS 9.8
CVE-2025-40552 [CRITICAL]
## SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
By Sergiu Gatlan
SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software.
The authentication bypass security flaws (tracked as CVE-2025-40552 and CVE-2025-40554) patched today by SolarWinds were reported by watchTowr's Piotr Bazydlo and can be exploited by remote unauthenticated threat actors in low-complexity attacks.
Bazydlo also found and reported a critical remote code execution (RCE) flaw (CVE-2025-40553) stemming from an untrusted data deserialization weakness that can enable attackers without privileges to run commands on vulnerable hosts.
A second RCE vulnerability (CVE-2025-40551) reported by
Wiz (blogs_wiz) · CVSS 7.5
CVE-2025-40553 [HIGH]
## CVE-2025-40553: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.8 |
| Published | January 28, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.8 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 94.4 |
| Exploitation Probability (EPSS) | 14.5 |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity
Wiz (blogs_wiz) · CVSS 8.1
CVE-2025-40536 [HIGH]
## CVE-2025-40536: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.8 |
| Published | January 28, 2026 |
| Severity | CRITICAL |
| CNA Score | 8.1 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | Yes |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 98.6 |
| Exploitation Probability (EPSS) | 68.3 |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity CRITICAL Has Fix Added at: Jan 29, 2026
Windows Seve
Wiz (blogs_wiz) · CVSS 7.5
CVE-2025-40537 [HIGH]
## CVE-2025-40537: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to a hardcoded credentials vulnerability that, under certain situations, could allow access to administrative functions.
Source: NVD

| Field | Value |
|---|---|
| Score | 7.5 |
| Published | January 28, 2026 |
| Severity | HIGH |
| CNA Score | 7.5 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 1.4 |
| Exploitation Probability (EPSS) | N/A |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity HIGH Has Fix Added at: Jan 29, 2026
Windows Severity HIGH Has Fix Added at: Jan 29, 2026
Wiz (blogs_wiz) · CVSS 7.5
CVE-2025-40551 [HIGH]
## CVE-2025-40551: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.8 |
| Published | January 28, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.8 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | Yes |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 99.6 |
| Exploitation Probability (EPSS) | 89.5 |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity
Wiz (blogs_wiz) · CVSS 7.5
CVE-2025-40554 [HIGH]
## CVE-2025-40554: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.8 |
| Published | January 28, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.8 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 90.7 |
| Exploitation Probability (EPSS) | 6.1 |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity CRITICAL Has Fix Added at: Jan 29, 2026
Windows Severity CRITICAL Has Fix
Wiz (blogs_wiz) · CVSS 7.5
CVE-2025-40552 [HIGH]
## CVE-2025-40552: SolarWinds Web Help Desk vulnerability analysis and mitigation
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
Source: NVD

| Field | Value |
|---|---|
| Score | 9.8 |
| Published | January 28, 2026 |
| Severity | CRITICAL |
| CNA Score | 9.8 |
| High-profile Vulnerability | Yes |
| Affected Technologies | SolarWinds Web Help Desk |
| Has Public Exploit | Yes |
| Has CISA KEV Exploit | No |
| CISA KEV Release Date | N/A |
| CISA KEV Due Date | N/A |
| Exploitation Probability Percentile (EPSS) | 91.8 |
| Exploitation Probability (EPSS) | 7.5 |
| Affected packages and libraries | cpe:2.3:a:solarwinds:web_help_desk |

Sources
Linux Severity CRITICAL Has Fix Added at: Jan 29, 2026
Wi