CVE-2025-40540

Published Feb 24, 2026

Last updated 13 days ago

CVSS critical 9.1

Overview

Description
A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
Source
psirt@solarwinds.com
NVD status
Analyzed
Products
serv-u

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@solarwinds.com
CWE-704

Social media

Hype score
Not currently trending

  1. CVE-2025-40540 (CVSS:9.1, CRITICAL) is Analyzed. A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arb..https://t.co/Am6cmGiawl #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    1 Mar 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-40540 (CVSS:9.1, CRITICAL) is Analyzed. A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arb..https://t.co/Am6cmGiawl #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    28 Feb 2026

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Patch these 4 critical, make-me-root SolarWinds bugs ASAP The four flaws, all of which earned a 9.1 CVSS rating, include a broken access control vulnerability (CVE-2025-40538), two type confusion bugs (CVE-2025-40540 and CVE-2025-40539), and an Insecure Direct Object Reference h

    @johndjohnson

    27 Feb 2026

    64 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-40540 (CVSS 9.1) — SolarWinds Serv-U Critical Vulnerability (Type Confusion RCE) — Patch Released https://t.co/7Bx6ZbOQV4 https://t.co/jV96QPZLO0

    @secharvesterx

    26 Feb 2026

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️ Vulnerabilidades en productos SolarWinds ❗ CVE-2025-40541 ❗ CVE-2025-40540 ❗ CVE-2025-40538 ➡️ Más info: https://t.co/k9WORRXVq7 https://t.co/DJ2o6YtpDk

    @CERTpy

    26 Feb 2026

    89 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Warning: 4 critical vulnerabilities in #SolarWinds Serv-U. CVE-2025-40538, CVE-2025-40539, CVE-2025-40540 and CVE-2025-40541 share the same CVSS score of 9.1. Threat actors could exploit either to achieve remote code execution. #RCE! https://t.co/JohgnAP6Bh #Patch #Patch #Patch

    @CCBalert

    25 Feb 2026

    267 Impressions

    2 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 【リンク集:2月24日〜25日のセキュリティ関連ニュース/記事】 <脆弱性> ・SolarWinds Serv-Uに重大な脆弱性、サーバーへのrootアクセスが可能に(CVE-2025-40538、CVE-2025-40540他) https://t.co/UyNpMOpaPf ・2026年1月のCVE

    @MachinaRecord

    25 Feb 2026

    86 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Patches for 4 CVSS 9.1 #Solarwinds vulns. Info at SecAlerts: CVE-2025-40538: https://t.co/rCuV1KEDja CVE-2025-40539: https://t.co/DLNLvD1w5o CVE-2025-40540: https://t.co/wKS4JDkjIq CVE-2025-40541: https://t.co/QfGFIUfORv #ciso #cio #cto #vulnerabilities #cybersecurity #msp #mssp

    @SecAlertsCo

    25 Feb 2026

    81 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-40540 A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. Thi… https://t.co/RwLcUC1ogA

    @CVEnew

    24 Feb 2026

    110 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-40540 Type Confusion Vulnerability in Serv-U Enables Privileged... https://t.co/FCfu6ZE356 Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd

    @VulmonFeeds

    24 Feb 2026

    7 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  11. **CVE-2025-40540** is a **type confusion vulnerability** in **Serv-U**, a managed file transfer server software. When exploited, this flaw allows a malicious actor to execute **arbitrary native code** with **privileged account** privileges. The attack requires **administrative

    @CveTodo

    24 Feb 2026

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. [CVE-2025-40540: CRITICAL] Type confusion vulnerability in Serv-U allows a malicious actor to run native code as a privileged account, requiring administrative privileges to exploit. Risk is medium on Window...#cve,CVE-2025-40540,#cybersecurity https://t.co/ijF9nSEA1P

    @CveFindCom

    24 Feb 2026

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.CVE-2025-40541
  2. A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.CVE-2025-40538
  3. A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.CVE-2025-40539
  4. A missing validation process exists in Serv U when abused, could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.CVE-2025-40548
  5. A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious actor with access to admin privileges the ability to execute code on a directory. This issue requires administrative privileges to abuse. On Windows systems, this scored as medium due to differences in how paths and home directories are handled.CVE-2025-40549

References

Sources include official advisories and independent security research.