CVE-2025-40554
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SolarWinds | Web Help Desk | 12.8.8 HF1 and below | affected |
Weaknesses
- CWE-1390: CWE-1390 Weak Authentication
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40554
- https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.