Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.
Cybernews

SolarWinds Web Help Desk users under threat as vulnerability actively exploited

The CVE has a CVSS score of 9.8 as it could allow unauthenticated adversaries to gain admin-level access to help-desk systems ...
Redmondmag.com

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...