CVE-2025-40551

Published Jan 28, 2026

Last updated 6 days ago

CVSS critical 9.8
SolarWinds Web Help Desk

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-40551 is a remote code execution (RCE) vulnerability identified in SolarWinds Web Help Desk (WHD) software. This flaw originates from an untrusted data deserialization weakness, which allows an attacker to execute commands on the host machine. Exploitation of CVE-2025-40551 can occur without requiring authentication. This vulnerability is often discussed alongside other related issues in SolarWinds WHD, forming potential attack chains.

Description
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Source: psirt@solarwinds.com
NVD status: Analyzed
Products: web_help_desk

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

psirt@solarwinds.com
CWE-502

Social media

Hype score
Not currently trending
  1. #ITSecurity SolarWinds again and reminders: CVE-2025-40551 Unauthenticated RCE via AjaxProxy deserialization, 9.8 Remote command execution CVE-2025-40536 Protection bypass via bogus “/ajax/” parameter, 8.1 Access to restricted WebObjects

    @seaarepea

    8 Feb 2026

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

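  2. [Must-read for IT departments] Office files can infect you just by being viewed. Vulnerabilities in SolarWinds and Office (CVE-2025-40551, CVE-2026-21509) are being exploited, creating a risk of AD takeover. "Disabling macros" will not prevent it. 👇 https://t.co/CvTYL87kX6 #Mb_S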

    @sec_mb

    8 Feb 2026

    72 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CVE-2025-40551 - critical 🚨 SolarWinds Web Help Desk < 2026.1 - Unauthenticated JNDI Injection RCE > SolarWinds Web Help Desk before version 2026.1 contains an insecure deserialization v... 👾 https://t.co/3ZHUc8BJ2K @pdnuclei #NucleiTempl...

    @pdnuclei_bot

    8 Feb 2026

    181 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

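  4. The Microsoft Defender research team has found real-world attacks exploiting vulnerabilities in SolarWinds Web Help Desk (WHD). Through further investigation currently under way, the actual vulnerabilities exploited (CVE-2025-40551 (deserialization of untrusted data), CVE-2025-40536 (security control bypass),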

    @ngnicky

    7 Feb 2026

    124 Impressions

    0 Retweets

    0 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  5. SolarWinds RCE flaw (CVE-2025-40551) is now on CISA’s KEV list, proof that attackers exploit low-complexity bugs in trusted platforms. Insight from Cobalt’s Joe Brinkley in @ComputerWeekly: https://t.co/7LbucAir11 #cybersecurity #pentesting #infosec

    @cobalt_io

    7 Feb 2026

    183 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. An urgent warning regarding a critical remote code execution (RCE) vulnerability in SolarWinds Web Help Desk. The vulnerability, tracked as CVE-2025-40551, exploits unsafe deserialization of untrusted ... 🛜 Read More @ https://t.co/u3sXp1Z2Q2

    @Roguevaultnews

    7 Feb 2026

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Analysis of active exploitation of SolarWinds Web Help Desk - https://t.co/InJP6reBJn #threatintel #solarwinds-web-help-desk #cve-2025-40551 #cve-2025-40536 #cve-2025-26399 #rce-exploitation

    @RedPacketSec

    7 Feb 2026

    96 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Recent reporting by Microsoft Security Blog highlights active exploitation of SolarWinds Web Help Desk (WHD) through unpatched vulnerabilities, including newly disclosed CVE-2025-40551 and CVE-2025-40536. While the report does not explicitly attribute the attacks to

    @ox0ffff

    7 Feb 2026

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Just published: Critical Analysis CVE-2025-40551 - SolarWinds Web Help Desk Deserialization.... Practical security guidance from the trenches. Read more: https://t.co/Q2v41DXx91

    @TomarPrateek23

    7 Feb 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Recent reporting by CISA KEV highlights a critical vulnerability in SolarWinds Web Help Desk, designated CVE-2025-40551, which exposes systems to remote code execution without authentication. This development occurs amid escalating global cyber conflict dynamics, where

    @ox0ffff

    6 Feb 2026

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Patch latency is becoming a national security risk. IT support tools are now part of the attack surface. CISA added CVE-2025-40551 in SolarWinds Web Help Desk to the KEV list. Government agencies must remediate it by Feb 6, 2026. This pushes zero-day response pressure deep into

    @MartinSzerment

    6 Feb 2026

    59 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 SolarWinds Web Help Desk Critical RCE (CVE-2025-40551) Now Actively Exploited in the Wild Cybersecurity Dive reports active exploitation of CVE-2025-40551 (CVSS 9.8), an unauthenticated insecure-deserialization flaw in SolarWinds Web Help Desk that enables remote code

    @ThreatSynop

    6 Feb 2026

    72 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨 SolarWinds Web Help Desk Under Active Exploitation: Unauth RCE (CVE-2025-40551) Forces Rapid Patching UpGuard’s vulnerability overview details CVE-2025-40551 (CVSS 9.8) in SolarWinds Web Help Desk, an untrusted deserialization bug in the AjaxProxy component that enables

    @ThreatSynop

    6 Feb 2026

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 URGENT: CISA orders immediate patching of SolarWinds Web Help Desk before February 6. The vulnerability CVE-2025-40551 (critical RCE, 9.8) is being actively exploited according to Horizon3ai. Update to version 2026.1 now! 💻🔥 #SolarWinds #CISA #CyberAtta

    @ciberconciencia

    5 Feb 2026

    98 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CISA confirms exploitation of a SolarWinds Web Help Desk vulnerability in cyberattacks (CVE-2025-40551) https://t.co/TM3RJ8dWLB #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

    @securityLab_jp

    5 Feb 2026

    118 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. SolarWinds Web Help Desk flaw CVE-2025-40551 is under active exploitation, with 170+ internet-exposed installs vulnerable to unauthenticated RCE; CISA adds bug to KEV and orders rapid patching. https://t.co/Xn14T4terd

    @threatcluster

    5 Feb 2026

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2025-40551 was added to CISA’s Known Exploited Vulnerabilities Catalog on Tuesday. Federal civilian agencies have to patch it until Friday. #CISA #cybersecurity https://t.co/okeAqRzsgI

    @CyberNews

    5 Feb 2026

    330 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 170+ SolarWinds Web Help Desk Servers Exposed to Actively Exploited Unauth RCE (CVE-2025-40551) Over 170 internet-facing SolarWinds Web Help Desk instances are still vulnerable to an unauthenticated insecure-deserialization RCE (CVSS 9.8) in AjaxProxy, now confirmed exploite

    @ThreatSynop

    5 Feb 2026

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. #SolarWinds confirms active exploitation of Web Help Desk flaws. CVE-2025-40551 enables unauthenticated RCE via AjaxProxy deserialization and is listed in CISA KEV. Additional WHD RCE and auth bypass issues identified; exploitation unconfirmed. https://t.co/TMY3gpnRtJ

    @MeridianEU

    5 Feb 2026

    88 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. For the last few days, we have been sharing SolarWinds Help Desk CVE-2025-40551 RCE vulnerable IPs (version check based) - ~170 seen. This vuln is now on @CISACyber KEV. Data in Vulnerable HTTP reports: https://t.co/qxv0Gv5ELc Dashboard Tree Map view: https://t.co/zzg4wFSQVr ht

    @Shadowserver

    5 Feb 2026

    1998 Impressions

    6 Retweets

    17 Likes

    2 Bookmarks

    1 Reply

    1 Quote

  21. 🚨 CVE-2025-40551 (CVSS 9.8): SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which

    @zoomeye_team

    5 Feb 2026

    1164 Impressions

    3 Retweets

    14 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨 CVE-2025-40551 (CVSS 9.8): SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which

    @zoomeye_team

    5 Feb 2026

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Security deep dive: Critical Analysis CVE-2025-40551 - SolarWinds Web Help Desk Deserialization.... Actionable advice for practitioners. Read more: https://t.co/Cf7CJ2EURY #

    @TomarPrateek23

    5 Feb 2026

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. Critical Vulnerability Alert: CVE-2025-40551 in SolarWinds Web Help Desk https://t.co/GvRNvawxs4

    @StratoKey

    4 Feb 2026

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Today's #Cybersecurity Pulse (Feb 4, 2026): CISA adds critical SolarWinds Web Help Desk RCE flaw (CVE-2025-40551) to KEV catalog — patch NOW! Interlock ransomware deploys new "Hotta Killer" to evade EDR via driver exploits. Italy thwarts Russia-linked attacks on embassies &

    @ImperialTechSvc

    4 Feb 2026

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. I spent this entire conversation chasing "DALG" without ever asking what it means—verified SolarWinds CVE-2025-40551 as a critical, actively-exploited RCE vulnerability with a February 6th CISA patch deadline, analyzed your development workspace screenshots for security ris htt

    @DonnieHars91127

    4 Feb 2026

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  27. KEV: SolarWinds Web Help Desk — CVE-2025-40551 (actively exploited) lets unauth attackers get RCE on WHD servers. Who’s exposed: orgs with internet-facing WHD. Fix: upgrade to Web Help Desk 2026.1 (or immediately restrict/disable external access).

    @phaneragnosis

    4 Feb 2026

    62 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CVE-2025-40551: SolarWinds Web Help Desk Vulnerability Actively Exploited #CybersecurityNews #cyashadotcom #ShameOnNetflix https://t.co/KlmcAQrYoa

    @cyashadotcom

    4 Feb 2026

    100 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. CISA flags critical SolarWinds RCE flaw as exploited in attacks Tracked as CVE-2025-40551, this security flaw stems from an untrusted data deserialization weakness discovered and reported by https://t.co/5TTMWwSJRx security researcher Jimi Sebree, which can allow unauthenticated

    @johndjohnson

    4 Feb 2026

    4416 Impressions

    1 Retweet

    5 Likes

    0 Bookmarks

    1 Reply

    1 Quote

  30. CISA KEV (exploited): SolarWinds Web Help Desk CVE-2025-40551 (RCE) + FreePBX CVE-2019-19006 (auth bypass) and CVE-2025-64328 (cmd inj). If you run it in MX, prioritize patching/mitigation today. https://t.co/Qx2MUYiM2S #Ciberseguridad #Mexico

    @BotBauR

    4 Feb 2026

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  31. CISA adds actively exploited SolarWinds Web Help Desk RCE (CVE-2025-40551) to its Known Exploited Vulnerabilities (KEV) catalog. https://t.co/cGy6GEdxh6

    @sctocs25

    4 Feb 2026

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🛡️ @CISACyber has added a @solarwinds Web Help Desk flaw to its KEV catalog, citing active exploitation. • CVE-2025-40551 (CVSS 9.8) • Unauthenticated remote code execution risk • Fixes already available • Federal remediation deadlines set What does this say about pa

    @TechNadu

    4 Feb 2026

    71 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 🚨 CVE-2025-40551 is being exploited! SolarWinds Web Help Desk: RCE without authentication. CISA gave federal agencies 3 days to apply the patch. Update to WHD 2026.1 NOW. Source: BleepingComputer https://t.co/FER2c6LhuD

    @colapsodigital

    4 Feb 2026

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. 🚨 CISA flags actively exploited SolarWinds Web Help Desk RCE (CVE-2025-40551) in KEV CISA added CVE-2025-40551 (critical insecure deserialization, CWE-502) in SolarWinds Web Help Desk to the KEV catalog after confirmed in-the-wild exploitation, warning it can enable

    @ThreatSynop

    4 Feb 2026

    75 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  35. Critical vulnerability CVE-2025-40551 in SolarWinds WHD actively exploited. High risk for businesses. #Cybersecurity #InfoSec #Vulnerability https://t.co/SeuPpga1Yu

    @cyberwatcher_

    4 Feb 2026

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. 🚨 SolarWinds Web Help Desk flaws under active exploitation; CISA urges immediate patching CISA flagged SolarWinds Web Help Desk as actively exploited, centered on critical unauthenticated deserialization RCE (CVE-2025-40551) and related critical auth-bypass/RCE-adjacent issues

    @ThreatSynop

    4 Feb 2026

    56 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

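  37. 🚨 CISA adds the SolarWinds Web Help Desk vulnerability (CVE-2025-40551) to its confirmed-exploited list. The cause is a deserialization flaw that allows RCE without authentication. An immediate update to WHD 2026.1 is essential. It is also possible that gaps in past fixes are being targeted.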

    @motch_dev

    4 Feb 2026

    73 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  38. 🚨 Fresh SolarWinds Web Help Desk RCE (CVE-2025-40551) is being exploited in the wild A critical unauthenticated deserialization flaw in SolarWinds Web Help Desk (CVE-2025-40551, CVSS 9.8) enables remote code execution via the AjaxProxy functionality and is now confirmed

    @ThreatSynop

    4 Feb 2026

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. CISA warns CVE-2025-40551 is exploited in the wild. With PoC code now public, unpatched SolarWinds Web Help Desk servers are open targets. Patch now. #SolarWinds #CyberSecurity #CVE202540551 #InfoSec #RCE #Exploit #CISA https://t.co/p4HLxlsice

    @the_yellow_fall

    4 Feb 2026

    186 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  40. 🚨 CISA warns SolarWinds Web Help Desk RCE (CVE-2025-40551) is being exploited in the wild CISA flagged CVE-2025-40551 as an actively exploited, unauthenticated Java deserialization flaw in SolarWinds Web Help Desk that can lead to remote command execution, enabling full

    @ThreatSynop

    4 Feb 2026

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

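  41. CISA has issued an urgent warning about a serious vulnerability (CVE-2025-40551) in SolarWinds' Web Help Desk that allows code to be executed remotely. This vulnerability has already been confirmed as exploited in real-world attacks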

    @omomuki_tech

    4 Feb 2026

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. US CISA has added vulnerabilities with confirmed exploitation to its #KEV catalog. (Added 2/3) 🛡️No.1503 CVE-2025-40551 SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability ============= CVSS score: 9.8 (Base) / SolarWinds CVSS:3.1/AV:N/AC:

    @piyokango

    4 Feb 2026

    3087 Impressions

    1 Retweet

    5 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. 🚨 CISA flags actively exploited SolarWinds Web Help Desk RCE (CVE-2025-40551) and adds more flaws to KEV CISA added SolarWinds Web Help Desk’s unauthenticated deserialization RCE (CVE-2025-40551, CVSS 9.8) to the Known Exploited Vulnerabilities catalog, noting active

    @ThreatSynop

    4 Feb 2026

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. CISA added actively exploited SolarWinds WHD RCE (CVE-2025-40551, CVSS 9.8) to KEV list! 🚨 Patch ASAP. Link: https://t.co/3wL4mYAneI #SolarWinds #CISA #KEV #RCE #Cybersecurity

    @0xT3chn0m4nc3r

    4 Feb 2026

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. CISA flags a critical SolarWinds Web Help Desk RCE flaw (CVE-2025-40551) as actively exploited. Unauthenticated attackers can run commands remotely. Patch immediately to avoid compromise. #CyberSecurity #SolarWinds #Vulnerability #Infosec https://t.co/d1NcXJCpPn

    @Prevent_Cyber

    4 Feb 2026

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. 📌 CISA has added a critical vulnerability affecting SolarWinds Web Help Desk to the KEV catalog because it is under active exploitation. The vulnerability, CVE-2025-40551, is rated CVSS 9.8 and is an untrusted data deserialization vulnerability

    @Cybercachear

    4 Feb 2026

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. 🚨 SolarWinds Web Help Desk flaw added to CISA KEV • CVE-2025-40551 (CVSS 9.8): unauthenticated RCE via deserialization • Fixed in WHD v2026.1 • Federal agencies must patch by February 6

    @BreachBrief

    4 Feb 2026

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. KEV additions: CVE-2019-19006 Sangoma FreePBX CVE-2021-39935 GitLab Community and Enterprise Editions CVE-2025-40551 SolarWinds Web Help Desk CVE-2025-64328 Sangoma FreePBX

    @papa_anniekey

    4 Feb 2026

    613 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  49. 🚨 SolarWinds Web Help Desk flaw added to CISA KEV • CVE-2025-40551 (CVSS 9.8): unauthenticated RCE via deserialization • Fixed in WHD v2026.1 • Federal agencies must patch by February 6 🔗 Read → https://t.co/AJAAXjl2im

    @TheHackersNews

    4 Feb 2026

    6110 Impressions

    20 Retweets

    48 Likes

    7 Bookmarks

    3 Replies

    2 Quotes

  50. 🚨 CISA adds SolarWinds Web Help Desk + FreePBX + GitLab flaws to KEV with urgent deadlines CISA added four actively exploited vulnerabilities to the KEV catalog—SolarWinds Web Help Desk deserialization RCE (CVE-2025-40551), GitLab SSRF (CVE-2021-39935), and two Sangoma FreeP

    @ThreatSynop

    3 Feb 2026

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations