Advisory

SolarWinds Patches Critical RCE and Auth Bypass Flaws in Web Help Desk

Take action: If you are using Web Help Desk, this is important. If your process allows for it, isolate Web Help Desk from the internet, then plan a quick update. If you can't isolate it from the internet, this is urgent: upgrade immediately to version 2026.1. Attackers will start targeting these flaws very soon.


Learn More

SolarWinds released security updates to fix multiple critical vulnerabilities in its Web Help Desk (WHD) software. These flaws allow attackers to take over servers without authentication. 

Vulnerability summary:

  • CVE-2025-40552 (CVSS score 9.8) - Authentication bypass allowing unauthorized actions.
  • CVE-2025-40554 (CVSS score 9.8) - Authentication bypass enabling specific internal command calls.
  • CVE-2025-40553 (CVSS score 9.8) - Remote code execution via untrusted data deserialization.
  • CVE-2025-40551 (CVSS score 9.8) - Unauthenticated remote code execution.
  • CVE-2025-40537 (CVSS score 7.5) - Hardcoded credentials allowing unauthorized administrative access.

The vulnerabilities affect version 12.8.8 HF1 and all earlier versions of the IT management tool. 

Organizations must upgrade to Web Help Desk 2026.1 immediately to resolve these threats. SolarWinds has provided official guidance for the upgrade process. If you cannot patch immediately, restrict network access to the WHD server so that it cannot be reached from the internet, which removes the unauthenticated exploitation path.
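To turn the affected-version statement into a quick inventory check, here is an added example (not SolarWinds code, and not taken from the advisory) that parses Web Help Desk version strings such as "12.8.8 HF1" and "2026.1", compares them, and classifies each host. The only facts it relies on are the two bounds the advisory gives: 12.8.8 HF1 and everything earlier is affected, and 2026.1 is the fixed release. Anything between those two bounds is not described by the advisory, so the script labels it "unlisted" rather than guessing. The inventory, hostnames and version values are constructed for illustration.

```python
import re

# Bounds quoted in the advisory: 12.8.8 HF1 and all earlier versions are
# affected; 2026.1 is the release that fixes the flaws.
LAST_AFFECTED = "12.8.8 HF1"
FIXED = "2026.1"

# Accepts dotted numeric versions with an optional hotfix suffix ("HF1").
_VERSION_RE = re.compile(r"^\s*(\d+(?:\.\d+)*)\s*(?:HF\s*(\d+))?\s*$", re.IGNORECASE)


def parse_version(text):
    """Parse a WHD version string into (numeric_parts, hotfix_number).

    '12.8.8 HF1' -> ((12, 8, 8), 1); '2026.1' -> ((2026, 1), 0).
    Raises ValueError for strings that do not look like a WHD version.
    """
    match = _VERSION_RE.match(text)
    if not match:
        raise ValueError(f"unrecognised Web Help Desk version string: {text!r}")
    parts = tuple(int(p) for p in match.group(1).split("."))
    hotfix = int(match.group(2)) if match.group(2) else 0
    return parts, hotfix


def compare_versions(a, b):
    """Return -1, 0 or 1 as version a is lower than, equal to or higher than b.

    Numeric parts are padded with zeros to a common length so that '12.8'
    and '12.8.0' compare equal; the hotfix number is the least significant key.
    """
    (parts_a, hf_a), (parts_b, hf_b) = parse_version(a), parse_version(b)
    width = max(len(parts_a), len(parts_b))
    key_a = parts_a + (0,) * (width - len(parts_a)) + (hf_a,)
    key_b = parts_b + (0,) * (width - len(parts_b)) + (hf_b,)
    return (key_a > key_b) - (key_a < key_b)


def assess(version):
    """Classify an installed version against the advisory's two bounds."""
    if compare_versions(version, FIXED) >= 0:
        return "fixed"
    if compare_versions(version, LAST_AFFECTED) <= 0:
        return "affected"
    # Newer than 12.8.8 HF1 but older than 2026.1: the advisory does not
    # say anything about such builds, so flag them for manual review.
    return "unlisted"


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = {
    "whd-prod-01": "12.8.8 HF1",
    "whd-prod-02": "12.8.7",
    "whd-test-01": "2026.1",
    "whd-lab-01": "12.8.8 HF2",
}


def triage(inventory):
    """Map each host to 'affected', 'fixed' or 'unlisted'."""
    return {host: assess(version) for host, version in inventory.items()}


if __name__ == "__main__":
    for host, status in sorted(triage(INVENTORY).items()):
        print(f"{host:<14} {INVENTORY[host]:<12} {status}")
```

Hosts reported as "affected" are the ones to isolate from the internet first and upgrade to 2026.1; "unlisted" hosts should be checked against the vendor's upgrade guidance rather than assumed safe.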

Web Help Desk has a history of vulnerabilities being exploited in active attacks. CISA previously warned about older bugs such as CVE-2024-28986 and CVE-2025-26399 being exploited by attackers. Because this software is a high-value target for threat actors, all users are urged to prioritize these updates.
