{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-40553","assignerOrgId":"49f11609-934d-4621-84e6-e02e032104d6","state":"PUBLISHED","assignerShortName":"SolarWinds","dateReserved":"2025-04-16T08:01:25.943Z","datePublished":"2026-01-28T07:35:41.825Z","dateUpdated":"2026-02-27T04:55:46.647Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"Web Help Desk","vendor":"SolarWinds","versions":[{"status":"affected","version":"12.8.8 HF1 and below"}]}],"credits":[{"lang":"en","type":"reporter","user":"00000000-0000-4000-9000-000000000000","value":"Piotr Bazydlo working with watchTowr"}],"datePublic":"2026-01-28T07:35:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication."}],"value":"SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication."}],"impacts":[{"capecId":"CAPEC-586","descriptions":[{"lang":"en","value":"CAPEC-586 Object Injection"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"49f11609-934d-4621-84e6-e02e032104d6","shortName":"SolarWinds","dateUpdated":"2026-01-28T07:35:41.825Z"},"references":[{"url":"https://www.solarwinds.com/trust-center/security-advisories/CVE-2025-40553"},{"tags":["release-notes"],"url":"https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"SolarWinds recommends customers upgrade to Web Help Desk version 2026.1."}],"value":"SolarWinds recommends customers upgrade to Web Help Desk version 2026.1."}],"source":{"discovery":"EXTERNAL"},"title":"SolarWinds Web Help Desk Deserialization of Untrusted Data Remote Code Execution Vulnerability","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"references":[{"url":"https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553/blob/main/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553.py","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-28T00:00:00+00:00","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2025-40553"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-27T04:55:46.647Z"}}]}}