Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

SolarWinds Web Help Desk untrusted data deserialization RCE (CVE-2025-40553)

Vulnerability
First reported
Last updated
Happening score
H score 55
2 unique sources, 2 articles

Summary

Hide ▲

SolarWinds Web Help Desk CVE-2025-40553 is a critical remote code execution flaw that can let unauthenticated or unprivileged attackers run commands on vulnerable hosts. SolarWinds has released security updates and says upgrading to Web Help Desk 2026.1 addresses the issue. The bug stems from an untrusted data deserialization weakness, making exposed help desk servers a high-risk target.

Related Happenings

SolarWinds Web Help Desk (WHD) multi-stage exploitation wave

Exploitation Wave
First: 09.02.2026 16:42 Last: 09.02.2026 16:42 Sources 1

About this happening: **SolarWinds Web Help Desk (WHD)** exploitation is a **multi-stage intrusion wave** affecting **internet-exposed WHD instances**. The foothold remains unconfirmed, but the wave is...

Latest development: 10.03.2026 08:17

CISA added CVE-2025-26399 in SolarWinds Web Help Desk to its Known Exploited Vulnerabilities (KEV) catalog after evidence of active exploitation, said Microsoft and Huntress had reported threat actors using SolarWinds Web Help Desk flaws to obtain initial access, attributed the activity to the Warlock ransomware crew, and ordered Federal Civilian Executive Branch (FCEB) agencies to apply the fix by March 12, 2026.

Open Happening

BeyondTrust Remote Support and Privileged Remote Access pre-auth OS command injection (CVE-2026-1731)

Vulnerability
First: 09.02.2026 10:03 Last: 09.02.2026 10:03 Sources 1

About this happening: **CVE-2026-1731** is a **critical pre-authentication OS command injection** in **BeyondTrust Remote Support** and **Privileged Remote Access** that can let an **unauthenticated at...

Latest development: 09.02.2026 15:07

BeyondTrust secured all RS/PRA cloud systems by February 2, 2026 and directed on-premises customers to manually upgrade to Remote Support 25.3.2 or later and Privileged Remote Access 25.1.1 or later if automatic updates were not enabled.

Open Happening

CISA KEV remediation deadline for SolarWinds WHD CVE-2025-40551

Public Sector Action
First: 04.02.2026 07:50 Last: 04.02.2026 07:50 Sources 1

About this happening: **CISA** added **CVE-2025-40551** in **SolarWinds Web Help Desk** to the **KEV catalog** and imposed **federal remediation deadlines**, turning a newly exploited flaw into a compl...

Open Happening

SolarWinds Web Help Desk untrusted data deserialization RCE (CVE-2025-40551)

Vulnerability
First: 03.02.2026 21:37 Last: 03.02.2026 21:37 Sources 1

About this happening: **SolarWinds Web Help Desk** **CVE-2025-40551** is now confirmed **actively exploited**, putting unpatched systems at risk of **remote command execution**. The flaw is an **untrus...

Open Happening

Quiz and Survey Master SQL injection mitigation (CVE-2025-67987)

Advisory/Mitigation
First: 03.02.2026 18:15 Last: 03.02.2026 18:15 Sources 1

About this happening: **Patchstack** published mitigation guidance for **CVE-2025-67987**, directing administrators to update **Quiz and Survey Master** to **version 10.3.2** to close a **SQL injection...

Open Happening

Timeline

  1. 28.01.2026 16:39 3 articles · 3mo ago

    SolarWinds patches Web Help Desk CVE-2025-40553

    Mitigation Patch Update

    SolarWinds released security updates for Web Help Desk to address CVE-2025-40553, a critical remote code execution flaw reported by watchTowr's Piotr Bazydlo that stems from an untrusted data deserialization weakness and can let attackers without privileges run commands on vulnerable hosts. SolarWinds says upgrading vulnerable servers to Web Help Desk 2026.1 addresses the issue.

    Show sources
    Open in new tab