A critical vulnerability in SolarWinds Web Help Desk (WHD) is now confirmed to be exploited in the wild, following its disclosure and patching by the vendor. The Cybersecurity and Infrastructure Security Agency (CISA) has directed federal agencies to apply the vendor's update by the end of the week.
Details of the Vulnerability
The flaw, tracked as CVE-2025-40551, is a deserialization-of-untrusted-data vulnerability. In this class of bug the application reconstructs objects from attacker-controlled input, and that reconstruction can be steered into running code of the attacker's choosing; here it lets an unauthenticated attacker execute operating system commands on the affected server. The vulnerability carries a CVSS score of 9.8, which places it in the critical range. Because no credentials are required, any WHD instance whose web interface is reachable by an attacker should be treated as exposed until it is patched.
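To make the vulnerability class concrete, the following is an added illustration written for this article; it is not SolarWinds code and says nothing about how CVE-2025-40551 itself is triggered. It uses Python's pickle format rather than the product's own serialization, because the pattern is the same: a deserializer that resolves arbitrary class or function names from the input can be handed a payload whose "reconstruction" is a function call. The `Ticket`, `CommandGadget` and `run_os_command` names are invented for the demo, and `run_os_command` only records what it was asked to run instead of spawning a real process.

```python
import io
import pickle
from dataclasses import dataclass

# Records every "command" the gadget managed to trigger. In a real attack this
# would be os.system / subprocess; the stand-in keeps the demo harmless.
EXECUTED_COMMANDS = []


def run_os_command(cmd):
    """Stand-in for an OS command execution primitive (hypothetical helper)."""
    EXECUTED_COMMANDS.append(cmd)
    return f"executed: {cmd}"


@dataclass
class Ticket:
    """The one legitimate object type the service expects to receive."""
    ticket_id: int
    subject: str


class CommandGadget:
    """Attacker-side object. pickle will serialize it as 'call run_os_command(cmd)'."""

    def __init__(self, cmd):
        self.cmd = cmd

    def __reduce__(self):
        # This tuple is what ends up in the byte stream: a callable plus args.
        # The deserializer invokes it while rebuilding the object.
        return (run_os_command, (self.cmd,))


def build_malicious_payload(cmd="id"):
    """Bytes an attacker would send to the vulnerable endpoint (constructed sample)."""
    return pickle.dumps(CommandGadget(cmd))


def build_legitimate_payload():
    """Bytes a well-behaved client would send (constructed sample)."""
    return pickle.dumps(Ticket(1234, "Printer on floor 3 offline"))


def deserialize_vulnerable(data):
    """Vulnerable pattern: deserialize whatever arrives, no restriction on types."""
    return pickle.loads(data)


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened pattern: only resolve the exact types the service expects."""

    ALLOWED = {(Ticket.__module__, Ticket.__name__)}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        # Any other module/name reference, including the gadget's callable,
        # is refused before it can be invoked.
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def deserialize_hardened(data):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def hardened_rejects(data):
    """True if the hardened deserializer refuses the payload without executing it."""
    try:
        deserialize_hardened(data)
    except pickle.UnpicklingError:
        return True
    return False


if __name__ == "__main__":
    print(deserialize_hardened(build_legitimate_payload()))
    print(deserialize_vulnerable(build_malicious_payload("id")), EXECUTED_COMMANDS)
    print("hardened rejects gadget:", hardened_rejects(build_malicious_payload("id")))
```

The allow-list in `find_class` is the check that matters: the vulnerable loader trusts the byte stream to name the code it should run, while the hardened one only reconstructs `Ticket`. The same idea applies to Java deserialization via `ObjectInputFilter`, and the stronger fix is to not accept native serialized objects from unauthenticated clients at all.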
Patch Availability
SolarWinds fixed this vulnerability, together with five others, in Web Help Desk version 2026.1, released on January 28, 2026. The issues were reported by researchers at Horizon3.ai and watchTowr, who described them as “easily exploitable.”
Urgency of the Situation
No exploitation was known at the time of disclosure, but Rapid7 researchers warned that this was likely to change as technical details became public. CISA's usual remediation window for a newly listed known exploited vulnerability is 14 days; for this flaw the agency has given federal agencies only three, which underlines how seriously the threat is being taken.
Current Status and Recommendations
A SolarWinds spokesperson said the company is aware of the reports and has advised customers to apply the patched release promptly. Based on the company's own monitoring, exploitation has not been widespread so far. The situation remains fluid, however, and administrators should apply the update without waiting for further confirmation.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.