CISA adds actively exploited SolarWinds Web Help Desk flaw CVE-2025-40551 to KEV

In an alert published Tuesday, CISA said it had added a critical SolarWinds Web Help Desk vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, flagging CVE-2025-40551 as actively exploited; the flaw carries a CVSS score of 9.8.

KEY FACTS

  • Vulnerability: CVE-2025-40551 is an untrusted data deserialization issue that can enable remote code execution
  • Severity: CVSS score 9.8
  • Affected: SolarWinds Web Help Desk
  • Mitigation: SolarWinds released WHD 2026.1 with fixes

The flaw is an untrusted data deserialization issue that can lead to remote code execution, allowing an attacker to run commands on the host machine without authentication.

SolarWinds issued fixes in WHD version 2026.1 that address this vulnerability along with multiple other high-severity CVEs, including several others rated 9.8, one rated 8.1 and one rated 7.5.

There are no public reports describing how the vulnerability is being weaponized, who is being targeted, or the scale of exploitation. Federal Civilian Executive Branch agencies must remediate CVE-2025-40551 by February 6, 2026 and other listed vulnerabilities by February 24, 2026 under Binding Operational Directive 22-01.

WHY IT MATTERS

Active exploitation of a high-severity deserialization flaw raises the risk of unauthorized code execution and system compromise. Organizations using Web Help Desk should apply vendor updates and meet applicable remediation deadlines.
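As an added example (not code from CISA, SolarWinds or this article), the following Python script shows the remediation bookkeeping the article implies: it matches a KEV record against a host inventory, decides whether each Web Help Desk install is at or above the fixed release 2026.1, and counts the days left to the BOD 22-01 due date. The KEV record is constructed from the article's facts and uses the field names of CISA's public KEV JSON feed (an assumption about that feed's layout); the inventory hostnames and versions are made up.

```python
"""Match a KEV entry against a host inventory and compute BOD 22-01 deadlines.

Added example, not code from CISA, SolarWinds or the article. The KEV record
and the inventory below are constructed for illustration.
"""
import json
import re
from datetime import date

# Constructed KEV-style record. Field names mirror CISA's public KEV JSON feed
# (an assumption about the feed layout); the values come from the article.
KEV_FEED_JSON = json.dumps({
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-40551",
            "vendorProject": "SolarWinds",
            "product": "Web Help Desk",
            "shortDescription": "Untrusted data deserialization that can lead "
                                "to remote code execution.",
            "requiredAction": "Apply updates per vendor instructions.",
            "dueDate": "2026-02-06",
        }
    ]
})

# Fixed release stated by the article.
FIXED_VERSION = "2026.1"

# Constructed inventory: hostnames and versions are made up.
INVENTORY = [
    {"host": "whd-prod-01", "product": "Web Help Desk", "version": "12.8.5"},
    {"host": "whd-prod-02", "product": "Web Help Desk", "version": "2026.1"},
    {"host": "whd-test-01", "product": "Web Help Desk", "version": "2025.4.1"},
    {"host": "db-01", "product": "PostgreSQL", "version": "16.4"},
]


def parse_version(text):
    """Turn '2025.4.1' (or '12.8.3 HF2') into a tuple of ints for comparison.

    Every run of digits becomes one component, so a hotfix suffix sorts as a
    trailing component rather than being dropped.
    """
    return tuple(int(n) for n in re.findall(r"\d+", text))


def is_fixed(installed, fixed=FIXED_VERSION):
    """True when the installed version is at or above the fixed release."""
    return parse_version(installed) >= parse_version(fixed)


def load_kev(feed_json):
    """Index KEV entries by CVE id."""
    feed = json.loads(feed_json)
    return {entry["cveID"]: entry for entry in feed["vulnerabilities"]}


def triage(inventory, feed_json, today, fixed=FIXED_VERSION):
    """Return one finding per unpatched host for each KEV entry matching its product.

    `today` may be a date or an ISO string. Each finding carries the CVE, the
    BOD 22-01 due date, the days left (negative once overdue) and an overdue flag.
    """
    if isinstance(today, str):
        today = date.fromisoformat(today)
    findings = []
    for cve_id, entry in load_kev(feed_json).items():
        due = date.fromisoformat(entry["dueDate"])
        for asset in inventory:
            # Exact product-name match; real KEV product strings should be
            # normalised against the inventory's naming before this step.
            if asset["product"] != entry["product"]:
                continue
            if is_fixed(asset["version"], fixed):
                continue
            findings.append({
                "host": asset["host"],
                "version": asset["version"],
                "cve": cve_id,
                "due": due.isoformat(),
                "days_left": (due - today).days,
                "overdue": today > due,
            })
    # Most urgent (fewest days left) first.
    findings.sort(key=lambda f: f["days_left"])
    return findings


if __name__ == "__main__":
    for f in triage(INVENTORY, KEV_FEED_JSON, "2026-01-30"):
        print(f"{f['host']} ({f['version']}) {f['cve']} due {f['due']} "
              f"in {f['days_left']} days")
```

To use it against the real catalog, replace `KEV_FEED_JSON` with the downloaded KEV feed and `INVENTORY` with an export from the asset system; the product match is deliberately exact here, so vendor and product strings from the feed need to be reconciled with the inventory's naming first. The article gives no CVE ids for the other entries due February 24, 2026, so only the one record is modelled.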