Threat Intelligence / CVE / CVE-2025-40553

CVE-2025-40553

Ransomware

CVSS 9.8 (CRITICAL) · EPSS 14.5% · Published 2026-01-28

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-502

Threats tracking this CVE

SolarWinds Web Help Desk Deserialization RCE - CISA KEV — CRITICAL

References

https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40553
https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553/blob/main/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553.py

Full detection coverage & IOCs for threats exploiting CVE-2025-40553 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence