Recent SolarWinds Flaws Potentially Exploited as Zero-Days
Attackers exploited vulnerabilities in internet-exposed SolarWinds Web Help Desk to gain access, deploy RMM tools, and maintain persistence using virtual machines and DLL sideloading.
Fresh SolarWinds Vulnerability Exploited in Attacks
Threat actors are actively exploiting an unauthenticated deserialization RCE in SolarWinds Web Help Desk (CVE-2025-40551); immediate patching is required.
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
A critical untrusted-data deserialization vulnerability in SolarWinds Web Help Desk (CVE-2025-40551) enables unauthenticated remote code execution and is actively exploited.
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
A critical untrusted-data deserialization vulnerability in SolarWinds Web Help Desk (CVE-2025-40551) enables unauthenticated remote code execution and is actively exploited.
