SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
Briefly

"CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary code as root via domain admin or group admin privileges. CVE-2025-40539 and CVE-2025-40540 are type confusion vulnerabilities allowing arbitrary native code execution as root. CVE-2025-40541 is an insecure direct object reference vulnerability enabling native code execution as root."
"SolarWinds noted that the vulnerabilities require administrative privileges for successful exploitation. It also said that they carry a medium security risk on Windows deployments as the services frequently run under less-privileged service accounts by default."
"Prior vulnerabilities in the software (CVE-2021-35211, CVE-2021-35247, and CVE-2024-28995) have been exploited by malicious actors, including by a China-based hacking group tracked as Storm-0322 (formerly DEV-0322)."
SolarWinds addressed four critical security vulnerabilities in Serv-U version 15.5, all rated 9.1 on the CVSS scale. These flaws include broken access control, type confusion, and insecure direct object reference vulnerabilities that enable remote code execution as root. Exploitation requires administrative privileges, though Windows deployments face medium risk due to services running under less-privileged accounts by default. The vulnerabilities have been patched in version 15.5.4. While no active exploitation has been reported, previous Serv-U vulnerabilities have been exploited by threat actors including the China-based Storm-0322 group.
Read at The Hacker News