- Description
- An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.
- Source
- psirt@solarwinds.com
- NVD status
- Analyzed
- Products
- serv-u
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
SolarWinds Serv-U 15.5.3 and earlier are affected by critical IDOR CVE-2025-40541 (CVSS 9.1). Update to 15.5.4 or later immediately, restrict access to trusted networks, and monitor logs for suspicious activity. Read more: https://t.co/Zhc8P1Z99W https://t.co/8WmkjjvOfc
@wazuh
3 Mar 2026
618 Impressions
9 Retweets
12 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-40541 (CVSS:9.1, CRITICAL) is Analyzed. An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor..https://t.co/pDJeObaoXQ #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
1 Mar 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40541 (CVSS:9.1, CRITICAL) is Analyzed. An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor..https://t.co/pDJeObaoXQ #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
28 Feb 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. https://t.co/8wlqfSVo82
@jbhall56
27 Feb 2026
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerabilidades en productos SolarWinds ❗ CVE-2025-40541 ❗ CVE-2025-40540 ❗ CVE-2025-40538 ➡️ Más info: https://t.co/k9WORRXVq7 https://t.co/DJ2o6YtpDk
@CERTpy
26 Feb 2026
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SolarWinds Patches Four Critical Serv-U Vulnerabilities (CVE-2025-40538 to CVE-2025-40541) SolarWinds released Serv-U 15.5.4 to fix four critical (CVSS 9.1) flaws that could enable remote code execution, but exploitation requires an attacker to already have administrative
@ThreatSynop
25 Feb 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: 4 critical vulnerabilities in #SolarWinds Serv-U. CVE-2025-40538, CVE-2025-40539, CVE-2025-40540 and CVE-2025-40541 share the same CVSS score of 9.1. Threat actors could exploit either to achieve remote code execution. #RCE! https://t.co/JohgnAP6Bh #Patch #Patch #Patch
@CCBalert
25 Feb 2026
267 Impressions
2 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-40541 - CRITICAL SolarWinds Serv-U 🤖 AI Summary: Critical IDOR flaw in SolarWinds Serv-U enables privileged code execution. Requires admin access but poses severe risk to compr... ThreatScore: 91/100 🔗 https://t.co/7LaV5ybUEC #cybersecurity #infosec #CVE
@AIengineerlife
25 Feb 2026
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای یکی از نرم افزار شرکت SolarWinds یعنی Serv-U file transfer آسیب پذیری با کد شناسایی CVE-2025-40541 و از نوع RCE منتشر شده است که به هکرها امکان اجرای کد با دسترسی ROOT را می دهد
@AmirHossein_sec
25 Feb 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SolarWinds Serv-U 15.5.4 Patches 4 Critical Flaws Enabling Root-Level Compromise SolarWinds released Serv-U v15.5.4 to fix four critical vulnerabilities (CVE-2025-40538 to CVE-2025-40541, CVSS 9.1) that can let attackers with high privileges create unauthorized system admins
@ThreatSynop
25 Feb 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 SolarWinds Serv-U Patches 4 Critical Flaws That Enable Root-Level Code Execution SolarWinds fixed four critical Serv-U vulnerabilities (CVE-2025-40538 to CVE-2025-40541) that could let an attacker with already-compromised admin/group-admin access create a system admin user a
@ThreatSynop
25 Feb 2026
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Patches for 4 CVSS 9.1 #Solarwinds vulns. Info at SecAlerts: CVE-2025-40538: https://t.co/rCuV1KEDja CVE-2025-40539: https://t.co/DLNLvD1w5o CVE-2025-40540: https://t.co/wKS4JDkjIq CVE-2025-40541: https://t.co/QfGFIUfORv #ciso #cio #cto #vulnerabilities #cybersecurity #msp #mssp
@SecAlertsCo
25 Feb 2026
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40541 An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privi… https://t.co/WUz4rD5O6g
@CVEnew
24 Feb 2026
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-40541 Serv-U IDOR Vulnerability Enables Privileged Native Code Execution https://t.co/0TEQFnLhjd
@VulmonFeeds
24 Feb 2026
58 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
[CVE-2025-40541: CRITICAL] In Serv-U, an Insecure Direct Object Reference (IDOR) vulnerability allows executing native code with admin privileges, posing a medium risk particularly on Windows systems.#cve,CVE-2025-40541,#cybersecurity https://t.co/0j8DgVxh4b
@CveFindCom
24 Feb 2026
65 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
**CVE-2025-40541** pertains to an **Insecure Direct Object Reference (IDOR)** vulnerability found in **Serv-U**, a managed file transfer server. An IDOR vulnerability allows an attacker to access or manipulate objects (such as files, data, or functions) directly by manipulating
@CveTodo
24 Feb 2026
55 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0879DDA2-3F57-41C7-A689-4B904310687E",
"versionEndExcluding": "15.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]