CRITICAL🇵🇱 Wersja polska

CVE-2025-40553

CVSS 9.8v3.1pub. 2026-01-28upd. 2026-02-26

SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

🤖 AI Analysis
How it works

The application deserializes data supplied by an external user without proper verification of its origin or content (CWE-502). An attacker can prepare a malicious payload and submit it to the vulnerable endpoint without needing an account or session. During the deserialization process, the malicious object is processed by the server, leading to the execution of arbitrary system commands on the host machine.

Impact

Attackers gain the ability to remotely execute arbitrary commands on the server (RCE) without authentication, which in practice means complete takeover of the host, including data access, ability to install malicious software, and lateral movement in the network.

Mitigation & patch

The update described in the SolarWinds Web Help Desk 2026-1 release notes, available at the address indicated in the manufacturer's references, should be applied immediately. Additionally, it is recommended to restrict network access to the Web Help Desk interface only to trusted networks or hosts until the patch is deployed.

Who is affected

SolarWinds Web Help Desk — versions indicated in the manufacturer's references (patch available in the version described in WHD 2026-1 release notes)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Solarwinds Web Help Desk

    APP
    Solarwinds
    < 2026.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDeserialization
CWE
References

Related vulnerabilities

CVE-2025-40551CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserializację w SolarWinds Web Help Desk — bez uwierzytelnienia

CVE-2025-26399CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez deserializację AjaxProxy w SolarWinds Web Help Desk (nieuwierzytelniony)

CVE-2024-28987CRITICAL9.1⚠ KEVPL ✓ten sam produkt

SolarWinds Web Help Desk – hardcoded credential umożliwia zdalny dostęp

CVE-2024-28986CRITICAL9.8⚠ KEVPL ✓ten sam produkt

RCE przez Java Deserialization w SolarWinds Web Help Desk

CVE-2025-40552CRITICAL9.8PL ✓ten sam produkt

SolarWinds Web Help Desk — pominięcie uwierzytelnienia (Auth Bypass)