CVE-2025-40554

Summary

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.

Affected Software

VendorProductVersion RangeStatus
SolarWindsWeb Help Desk12.8.8 HF1 and belowaffected

Weaknesses

  • CWE-1390: CWE-1390 Weak Authentication

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References