Ethical Hacking News
SolarWinds has released updates to patch four critical flaws in its Serv-U file transfer software, including a broken access control vulnerability and two type confusion vulnerabilities. The patches address significant security risks for organizations using the software, emphasizing the importance of timely updates and proper configuration. Applying the update protects affected users against exploitation of these four flaws.
SolarWinds has released updates to address four critical security flaws in its Serv-U software. The vulnerabilities are rated 9.1 on the Common Vulnerability Scoring System (CVSS) and pose a significant threat to organizations that rely on the software. The flaws include broken access control, type confusion, and insecure direct object reference, and they allow attackers to execute arbitrary code as root. Updates are available in SolarWinds Serv-U version 15.5.4 and should be applied immediately. Prior vulnerabilities have been exploited by malicious actors, emphasizing the importance of staying vigilant and keeping software up to date.
SolarWinds has released updates to address four critical security flaws in its popular file transfer software, Serv-U. The vulnerabilities, all rated 9.1 on the Common Vulnerability Scoring System (CVSS), are a cause for concern among organizations that rely on the software for their daily operations.
According to SolarWinds, the broken access control vulnerability (CVE-2025-40538) allows an attacker to create a system admin user and execute arbitrary code as root via domain admin or group admin privileges. This flaw has been rated as critical due to its severity and potential impact on organizations with administrative privileges configured for the software.
The type confusion vulnerability (CVE-2025-40539) also falls under this category, allowing an attacker to execute arbitrary native code as root. Similarly, another type confusion vulnerability (CVE-2025-40540) poses a threat to users, as it enables the execution of arbitrary native code as root. The insecure direct object reference (IDOR) vulnerability (CVE-2025-40541), while not as severe in its impact on organizations with proper configurations, is still worthy of attention due to its potential for exploitation by malicious actors.
SolarWinds noted that the vulnerabilities require administrative privileges for successful exploitation and carry a medium security risk on Windows deployments. However, this does not diminish their significance; rather, it highlights the importance of ensuring proper configuration and adherence to best practices to mitigate these risks.
The four shortcomings affect SolarWinds Serv-U version 15.5. The flaws have been addressed in SolarWinds Serv-U version 15.5.4, which affected users can download from the official SolarWinds website.
It is worth noting that prior vulnerabilities in the software (CVE-2021-35211, CVE-2021-35247, and CVE-2024-28995) have been exploited by malicious actors, including a China-based hacking group tracked as Storm-0322. This history serves as a reminder of the importance of staying vigilant and keeping software up to date with the latest security patches.
In light of this recent development, organizations using SolarWinds Serv-U are advised to prioritize updating their software to version 15.5.4 without delay. Furthermore, they should review their Serv-U configuration, including which accounts hold administrative privileges, to reduce the chance of vulnerabilities being exploited in the future.
Ultimately, this incident underscores the importance of cybersecurity awareness and regular security patches in protecting against emerging threats. Organizations must remain proactive in addressing these challenges head-on to maintain the integrity and confidentiality of their data.
Related Information:
https://www.ethicalhackingnews.com/articles/SolarWinds-Serv-U-File-Transfer-Software-Patches-Critical-Flaws-Allowing-Remote-Code-Execution-ehn.shtml
https://thehackernews.com/2026/02/solarwinds-patches-4-critical-serv-u.html
https://securityaffairs.com/188454/hacking/solarwinds-patches-four-critical-serv-u-flaws-enabling-root-access.html
https://nvd.nist.gov/vuln/detail/CVE-2021-35211
https://www.cvedetails.com/cve/CVE-2021-35211/
https://nvd.nist.gov/vuln/detail/CVE-2021-35247
https://www.cvedetails.com/cve/CVE-2021-35247/
https://nvd.nist.gov/vuln/detail/CVE-2024-28995
https://www.cvedetails.com/cve/CVE-2024-28995/
https://nvd.nist.gov/vuln/detail/CVE-2025-40538
https://www.cvedetails.com/cve/CVE-2025-40538/
https://nvd.nist.gov/vuln/detail/CVE-2025-40539
https://www.cvedetails.com/cve/CVE-2025-40539/
https://nvd.nist.gov/vuln/detail/CVE-2025-40540
https://www.cvedetails.com/cve/CVE-2025-40540/
https://nvd.nist.gov/vuln/detail/CVE-2025-40541
https://www.cvedetails.com/cve/CVE-2025-40541/
Published: Wed Feb 25 02:28:12 2026 by llama3.2 3B Q4_K_M