SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws

Key Points:

• Critical vulnerabilities in SolarWinds Web Help Desk software include authentication bypass (CVE-2025-40552, CVE-2025-40554) and remote command execution flaws (CVE-2025-40553, CVE-2025-40551).
• These vulnerabilities allow unauthenticated attackers to execute commands and potentially gain unauthorized access to administrative functions, impacting organizations using this software for IT management.
• Immediate patching to version 2026.1 is recommended to mitigate these risks, as previous vulnerabilities have been actively exploited in the wild.

Technical Details: The vulnerabilities stem from authentication bypass issues and untrusted data deserialization weaknesses, allowing attackers to execute arbitrary commands on vulnerable systems without authentication.

MITRE ATT&CK Techniques:

• T1203 - Exploitation for Client Execution (Execution)
• T1078 - Valid Accounts (Defense Evasion)

IOCs Mentioned: None mentioned