SolarWinds on Tuesday announced patches for four critical-severity vulnerabilities in its enterprise file transfer solution, Serv-U.
All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5.
CVE-2025-40538, SolarWinds explains, is a broken access control issue that could allow threat actors to create a system admin user and execute arbitrary code with the elevated privileges of domain admin or group admin.
CVE-2025-40539 and CVE-2025-40540 are type confusion flaws that allow attackers to execute code with elevated privileges, the company notes, without providing additional details.
CVE-2025-40541 is described as an insecure direct object reference (IDOR) bug leading to the execution of native code in the context of a privileged account.
The successful exploitation of all four vulnerabilities, SolarWinds explains, requires that an attacker have administrative privileges on the vulnerable Serv-U instance.
“On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default,” the company says.
All four CVEs were resolved with the release of SolarWinds Serv-U version 15.5.4. Additional information can be found on SolarWinds’ security advisories page.
SolarWinds makes no mention of any of these flaws being exploited in the wild, but users are advised to update their instances as soon as possible.
Threat actors are known to target SolarWinds bugs in attacks, including issues affecting the Serv-U file transfer appliances.
In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had been potentially exploited as zero-days in attacks observed in December 2025. In mid-February, the US cybersecurity agency CISA added one of the issues to its Known Exploited Vulnerabilities (KEV) list.

