SolarWinds Patches Four Critical Serv-U Vulnerabilities
Briefly

"CVE-2025-40538, SolarWinds explains, is a broken access control issue that could allow threat actors to create a system admin user and execute arbitrary code with the elevated privileges of domain admin or group admin."
"The successful exploitation of all four vulnerabilities, SolarWinds explains, requires that an attacker have administrative privileges on the vulnerable Serv-U instance. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default."
"CVE-2025-40541 is described as an insecure direct object reference (IDOR) bug leading to the execution of native code in the context of a privileged account."
SolarWinds announced patches for four critical-severity vulnerabilities in its Serv-U enterprise file transfer solution, tracked as CVE-2025-40538 through CVE-2025-40541. All four have a CVSS score of 9.1 and affect Serv-U version 15.5. The flaws include a broken access control issue that allows creation of admin users, type confusion issues that enable code execution with elevated privileges, and an insecure direct object reference bug. Exploitation requires administrative privileges on the vulnerable instance. On Windows deployments the risk is rated medium because services frequently run under less-privileged service accounts by default. SolarWinds released version 15.5.4 to resolve all four issues. No active exploitation has been reported, though users are advised to update immediately.
Read at SecurityWeek