CVE-2025-40551
SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
⚠ KEVEPSS 87.0%
Description
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
How to fix CVE-2025-40551
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2025-40551 being exploited?
Yes — CVE-2025-40551 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.