CVE-2025-40552

Critical

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious…

SolarWinds·CWE-1390·Published 2026-01-28

CVSS

9.8

EPSS

0.52

KEV

Exploits

Vendor statements (1)

solarwinds.com

cve.orgen

218 chars

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

NVDes

236 chars

SolarWinds Web Help Desk se encontró que era susceptible a una vulnerabilidad de omisión de autenticación que, si se explotaba, permitiría a un actor malicioso ejecutar acciones y métodos que deberían estar protegidos por autenticación.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H