Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Feb 6, 2026

CVE-2025-40551

High
EPSS 80.6%CISA KEV
SolarWinds/Web Help Desk

Description

SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.

EPSS — Exploit Probability

80.6%

Higher than 99.1% of all CVEs

Required Action

https://www.solarwinds.com/trust-center/security-advisories/cve-2025-40551 ; https://nvd.nist.gov/vuln/detail/CVE-2025-40551

Related Articles (1)

Malware & Threats

Critical Microsoft SharePoint flaw now exploited in attacks

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and Infrastructure Security Agency (CISA) warned.

Mar 19, 2026

Risk Assessment

HIGH
In CISA KEV
High EPSS

Details

Severity
High
EPSS
80.6%
CISA KEV
Yes
Ransomware
Unknown
Articles
1

Timeline

Published

Feb 3, 2026

Added to KEV

Feb 3, 2026

Remediation Due

Feb 6, 2026

Affected Product

SolarWinds

Web Help Desk

View all SolarWinds CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE