CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days.
Tracked as CVE-2025-40551, the flaw is an untrusted data deserialization weakness, discovered and reported by Horizon3.ai security researcher Jimi Sebree, that can allow unauthenticated attackers to gain remote command execution on unpatched devices.
“SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution which would allow an attacker to run commands on the host machine,” the company explained on January 28 when it released Web Help Desk 2026.1 to patch the vulnerability.

The same day, SolarWinds also patched a high-severity hardcoded-credentials vulnerability (CVE-2025-40537) discovered by Sebree and two authentication-bypass security flaws (CVE-2025-40552 and CVE-2025-40554) reported by watchTowr’s Piotr Bazydlo, all of them remotely exploitable.
On Tuesday, CISA added CVE-2025-40551 to its catalog of flaws exploited in the wild and gave Federal Civilian Executive Branch (FCEB) agencies three days to secure their systems, as mandated by the Binding Operational Directive (BOD) 22-01, issued in November 2021.
Although BOD 22-01 targets only federal agencies, CISA encouraged all network defenders, including those in the private sector, to patch their devices against ongoing CVE-2025-40551 attacks as soon as possible.
Admins are advised to patch their systems as soon as possible, given that hackers have frequently exploited Web Help Desk vulnerabilities in the wild. For instance, CISA tagged a Web Help Desk hardcoded credentials flaw in October 2024 as actively exploited, and SolarWinds addressed a patch bypass in September 2025 for another Web Help Desk RCE flaw flagged as exploited in attacks.
Web Help Desk is help desk management software popular among government agencies, large corporations, healthcare organizations, and educational institutions. SolarWinds claims that more than 300,000 customers worldwide use its IT management products.

