SolarWinds Serv-U Vulnerability Exploited in the Wild

Key Points:

• Main threat/vulnerability/incident: A denial-of-service (DoS) vulnerability in SolarWinds Serv-U, tracked as CVE-2026-28318, is being actively exploited.
• Impact assessment and affected systems: The vulnerability allows unauthenticated attackers to crash the Serv-U service via specially crafted POST requests. Affected versions include 15.4.2, 15.5, and 15.5.1, which have reached End-of-Life (EoL).
• Recommended actions or mitigations: All users are urged to apply the patch provided in Serv-U 15.5.4 Hotfix 1 immediately to mitigate the risk of exploitation.

Technical Details: CVE-2026-28318 has a CVSS score of 7.5 and can be exploited without authentication through POST requests containing the ‘Content-Encoding: deflate’ header.

MITRE ATT&CK Techniques: None mentioned

IOCs Mentioned: None mentioned