

Ethical Hacking News

Four Critical SolarWinds Vulnerabilities: A New Wave of Attackers Exploits File Transfer Software


Four critical vulnerabilities have been discovered in SolarWinds' Serv-U file transfer software, allowing attackers to execute code as root and gain access to sensitive files and systems. The vulnerabilities have been addressed by the vendor, but it is essential for enterprises to take proactive steps to patch their software and stay protected against these types of attacks.

  • Four critical vulnerabilities were discovered in SolarWinds' Serv-U file transfer software.
  • The vulnerabilities allow attackers to create a system admin user and execute arbitrary code, or exploit weaknesses for remote code execution (RCE).
  • The severity of the flaws is reflected in their high CVSS ratings, indicating potential exploitation in under an hour.
  • All four vulnerabilities have been addressed in the latest version of Serv-U (version 15.5.4).
  • Enterprises should prioritize security and patch identified vulnerabilities to prevent attacks.
  • CISA has added earlier Serv-U bugs to its KEV catalog, highlighting the need for enterprises to stay vigilant and implement robust security controls.



    The IT security landscape has been rattled once again by a recent discovery of four critical vulnerabilities in SolarWinds’ Serv-U file transfer software. This revelation has sent shockwaves through the industry, as attackers have long been known to exploit weaknesses in such products, which are often used by enterprises to store and transfer sensitive files.

    The first vulnerability, CVE-2025-40538, is a broken access control vulnerability that allows attackers to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. The severity of this flaw is reflected in its 9.1 CVSS rating, which indicates that it has the potential to be exploited by an attacker in less than an hour.

    The second vulnerability, CVE-2025-40540, is a type confusion bug that can lead to remote code execution (RCE), in which an attacker manipulates the software into executing malicious code without being detected. The third vulnerability, CVE-2025-40541, is another RCE flaw, this one rooted in an Insecure Direct Object Reference (IDOR) weakness.

    The fourth and final vulnerability, CVE-2025-40539, is also a type confusion bug that can lead to RCE. This vulnerability is particularly concerning, as it can be exploited by an attacker to gain access to sensitive files or systems.

    According to SolarWinds, all four vulnerabilities have been addressed in the latest version of Serv-U, which is version 15.5.4. The vendor has stated that they are committed to monitoring the situation and working closely with customers and partners to ensure that issues are resolved quickly.
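A patch-compliance triage against the fixed release named above, as an added example that is not part of the original article or any SolarWinds tooling. The inventory CSV, its column names and the hostnames are constructed, and dotted-numeric version strings are an assumption; the point is that versions must be compared numerically and that unparseable entries are kept visible rather than dropped.

```python
import csv
import io
import re

FIXED = (15, 5, 4)  # fixed Serv-U release named in the article

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = """host,product,version
ftp-edge-01,Serv-U,15.5.3
ftp-edge-02,Serv-U,15.5.4
ftp-dmz-03,Serv-U,15.5.10
ftp-lab-04,Serv-U,15.4.2.1
ftp-old-05,Serv-U,unknown
web-01,nginx,1.24.0
"""

def parse_version(text):
    """Return a tuple of ints for a dotted version, or None if unparseable."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        return None
    return tuple(int(part) for part in text.split("."))

def is_patched(version, fixed=FIXED):
    """Compare numerically, padding the shorter tuple with zeros."""
    width = max(len(version), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) >= pad(fixed)

def triage(inventory_csv):
    """Sort Serv-U hosts into patched / vulnerable / unknown buckets."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["product"].strip().lower() != "serv-u":
            continue  # other products are out of scope for this check
        version = parse_version(row["version"])
        if version is None:
            bucket = "unknown"  # treat as unpatched until verified by hand
        elif is_patched(version):
            bucket = "patched"
        else:
            bucket = "vulnerable"
        result[bucket].append(row["host"])
    return result

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket:10} {', '.join(hosts) or '-'}")
```

A plain string comparison would rank "15.5.10" below "15.5.4" and flag a newer build as vulnerable, which is why the versions are parsed into integer tuples first.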

    The discovery of these vulnerabilities is a stark reminder of the ongoing threat landscape in the IT industry. As enterprises continue to rely on file transfer software to manage their sensitive data, it is essential that they prioritize security and take proactive steps to patch any identified vulnerabilities.

    CISA has already added three earlier Serv-U bugs to its KEV catalog, including one known to be used in ransomware infections. This highlights the need for enterprises to stay vigilant and keep their software up to date, as well as to implement robust security controls to prevent attacks.

    The fact that attackers have been exploiting these vulnerabilities to gain access to sensitive files and systems is a clear indication of the severity of this threat. Enterprises should take immediate action to patch their SolarWinds software and ensure that they are protected against these types of attacks.

    In light of this latest discovery, it is essential for IT professionals to remain vigilant and proactive in their approach to security. This includes staying up to date with the latest patches and updates, as well as implementing robust security controls to prevent attacks.





  • Published: Tue Feb 24 14:06:37 2026 by llama3.2 3B Q4_K_M












