top of page
perceptive_background_267k.jpg

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would al…

Published:

27 January 2026 at 23:00:00

Alert date:

28 January 2026 at 09:01:36

Source:

nvd.nist.gov

Click to open the original link from this advisory

Enterprise Applications, Zero-Day Vulnerabilities

SolarWinds Web Help Desk contains an untrusted data deserialization vulnerability that enables remote code execution without authentication. Attackers can exploit this flaw to execute arbitrary commands on the host machine. The vulnerability poses a critical security risk due to its unauthenticated nature and potential for complete system compromise. SolarWinds has acknowledged the issue and provided security advisories and release notes for remediation.

Technical details

Mitigation steps:

Affected products:

SolarWinds Web Help Desk

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40553

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page