Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

CISA Flags Critical SolarWinds RCE Flaw as Exploited in Attacks



CISA flags critical SolarWinds RCE flaw as exploited in attacks. A vulnerability discovered by Horizon3.ai security researcher Jimi Sebree can allow unauthenticated attackers to gain remote command execution on unpatched devices, according to a recent update from the Cybersecurity and Infrastructure Security Agency (CISA). The agency ordered federal agencies to patch their systems within three days. SolarWinds Web Help Desk is a popular help desk management software used by thousands of organizations worldwide.

  • CISA has flagged a critical SolarWinds Web Help Desk vulnerability (CVE-2025-40551) as actively exploited in attacks, ordering federal agencies to patch their systems within three days.
  • The vulnerability allows unauthenticated attackers to gain remote command execution on unpatched devices due to an untrusted data deserialization weakness.
  • SolarWinds has patched multiple related vulnerabilities, including a hardcoded-credentials flaw and two authentication-bypass security flaws.
  • CISA encouraged all network defenders, including those in the private sector, to patch their devices against ongoing CVE-2025-40551 attacks as soon as possible.



    • CISA has flagged a critical SolarWinds Web Help Desk vulnerability, CVE-2025-40551, as actively exploited in attacks and ordered federal agencies to patch their systems within three days. This security flaw stems from an untrusted data deserialization weakness discovered by Horizon3.ai security researcher Jimi Sebree, which can allow unauthenticated attackers to gain remote command execution on unpatched devices.

    The same day, SolarWinds also patched a high-severity hardcoded-credentials vulnerability (CVE-2025-40537) discovered by Sebree and two authentication-bypass security flaws (CVE-2025-40552 and CVE-2025-40554) reported by watchTowr's Piotr Bazydlo, all of them remotely exploitable. These vulnerabilities highlight the critical need for software updates and patch management in organizations.

    CISA added CVE-2025-40551 to its catalog of flaws exploited in the wild and gave Federal Civilian Executive Branch (FCEB) agencies three days to secure their systems, as mandated by the Binding Operational Directive (BOD) 22-01, issued in November 2021. Although BOD 22-01 targets only federal agencies, CISA encouraged all network defenders, including those in the private sector, to patch their devices against ongoing CVE-2025-40551 attacks as soon as possible.

    Admins are advised to patch their systems as soon as possible, given that hackers have frequently exploited Web Help Desk vulnerabilities in the wild. For instance, CISA tagged a Web Help Desk hardcoded credentials flaw in October 2024 as actively exploited, and SolarWinds addressed a patch bypass in September 2025 for another Web Help Desk RCE flaw flagged as exploited in attacks.

    Web Help Desk is a popular help desk management software among government agencies, large corporations, healthcare organizations, and educational institutions. SolarWinds claims that more than 300,000 customers worldwide use its IT management products.

    Modern IT infrastructure moves faster than manual workflows can handle. In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use. Get the guide.

    Related Articles:

    SolarWinds Web Help Desk flaw is now exploited in attacks
    SolarWinds releases third patch to fix Web Help Desk RCE bug
    CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks
    SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
    CISA says critical VMware RCE flaw now actively exploited



    Related Information:
  • https://www.ethicalhackingnews.com/articles/CISA-Flags-Critical-SolarWinds-RCE-Flaw-as-Exploited-in-Attacks-ehn.shtml

  • https://www.bleepingcomputer.com/news/security/cisa-flags-critical-solarwinds-rce-flaw-as-actively-exploited/

  • https://blog.netmanageit.com/cisa-flags-critical-solarwinds-rce-flaw-as-exploited-in-attacks/

  • https://www.bleepingcomputer.com/news/security/cisa-warns-critical-solarwinds-rce-bug-is-exploited-in-attacks/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-40551

  • https://www.cvedetails.com/cve/CVE-2025-40551/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-40537

  • https://www.cvedetails.com/cve/CVE-2025-40537/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-40552

  • https://www.cvedetails.com/cve/CVE-2025-40552/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-40554

  • https://www.cvedetails.com/cve/CVE-2025-40554/


    • Published: Tue Feb 3 19:49:19 2026 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us