Vulnerability Details CVE-2025-40551
SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 77.0%
CVSS Severity
CVSS v3 Score 9.8
Proposed Action
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
Ransomware Campaign
Unknown
References
Products affected by CVE-2025-40551
-
cpe:2.3:a:solarwinds:web_help_desk:-
-
cpe:2.3:a:solarwinds:web_help_desk:12.1
-
cpe:2.3:a:solarwinds:web_help_desk:12.4
-
cpe:2.3:a:solarwinds:web_help_desk:12.4.2
-
cpe:2.3:a:solarwinds:web_help_desk:12.5
-
cpe:2.3:a:solarwinds:web_help_desk:12.5.1
-
cpe:2.3:a:solarwinds:web_help_desk:12.5.2
-
cpe:2.3:a:solarwinds:web_help_desk:12.6
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.0
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.1
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.10
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.11
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.12
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.13
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.2
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.3
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.4
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.5
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.6
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.7
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.8
-
cpe:2.3:a:solarwinds:web_help_desk:12.7.9
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.0
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.1
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.1.824
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.2
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.3
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.4
-
cpe:2.3:a:solarwinds:web_help_desk:12.8.5