CVE-2025-40536

Severity: HIGH
Published: 2026-01-28 [email protected]
CVSS 3.1 base score: 8.1

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 12, 2026 - 21:54 (vuln.today)
Added to CISA KEV: Feb 13, 2026 - 14:03 (cisa)
CVE Published: Jan 28, 2026 - 08:16 (nvd)

Description

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality.

Analysis

SolarWinds Web Help Desk contains a security control bypass vulnerability (CVE-2025-40536) that allows unauthenticated attackers to access restricted functionality. With EPSS 69% and KEV listing, this CVSS 8.1 vulnerability is particularly concerning given SolarWinds' history of being targeted in supply chain attacks and the sensitive IT service data typically stored in help desk systems.

Technical Context

Web Help Desk's security controls can be circumvented by unauthenticated attackers to access functionality that should require administrative privileges. The specific bypass mechanism involves manipulation of request parameters or paths that the application's authorization framework fails to properly validate. Given that help desk systems contain IT asset inventories, ticket histories with sensitive information, and often stored credentials, this represents significant data exposure.

Affected Products

SolarWinds Web Help Desk (versions prior to security update)

Remediation

Apply SolarWinds security update immediately. Restrict Web Help Desk access to internal networks only. Review access logs for unauthorized access patterns. Audit help desk tickets for exposed credentials and rotate any found. Consider the sensitivity of data in WHD when planning remediation priority.

Priority Score

160 (scale: Low / Medium / High / Critical)
KEV: +50
EPSS: +69.1
CVSS: +40
POC: 0
