Full Report
US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after the vendor disclosed and fixed the 9.8-rated flaw. That's according to America's lead cyber-defense agency, which set a Friday deadline for federal agencies to patch the security flaw.…
Analysis Summary
# Vulnerability: Critical SolarWinds Web Help Desk Untrusted Deserialization Leading to RCE
## CVE Details
- CVE ID: CVE-2025-40551
- CVSS Score: 9.8 (Critical)
- CWE: Untrusted Deserialization (Implied)
## Affected Systems
- Products: SolarWinds Web Help Desk
- Versions: Prior to 2026.1
- Configurations: Not specified, assumed any default installation.
## Vulnerability Description
This vulnerability is described as an **untrusted deserialization flaw**. Successful exploitation allows a **remote, unauthenticated attacker** to execute arbitrary operating system (OS) commands on the affected system, leading to Remote Code Execution (RCE).
## Exploitation
- Status: **Exploited in the wild** (Agencies given an accelerated deadline, indicating active threat)
- Complexity: Implied **Low** ("easily exploitable" according to researchers)
- Attack Vector: Network
## Impact
- Confidentiality: High (RCE allows full system access)
- Integrity: High (RCE allows arbitrary code execution and modification/destruction of data)
- Availability: High (RCE can lead to system compromise or denial of service)
## Remediation
### Patches
- **SolarWinds Web Help Desk version 2026.1** (Released January 28) contains the fix for this vulnerability and five others.
### Workarounds
- No specific workarounds were mentioned in the summary, but immediate patching is strongly urged.
## Detection
- Detection methods were not explicitly detailed, but the context implies government agencies are expected to monitor for attempts to exploit this deserialization flaw or resulting OS command execution.
- Indicators of Compromise (IoCs) are not provided in this summary.
## References
- Vendor Advisory/Fix Release Notes: hxxps://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm
- Researcher Warning (Horizon3.ai): hxxps://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/
- Rapid7 Analysis: hxxps://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- CISA KEV Reference page (General referencing ongoing targeting): hxxps://www.cisa.gov/known-exploited-vulnerabilities-catalog