Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Message Alert TWCERTCC-200-202601-00000027

[Content Description]
Web Help Desk (WHD), a product of SolarWinds, primarily provides centralized automated work order management services, including work order automation, a centralized knowledge base, and asset tracking management, to support customers and track issues. Recently, a major cybersecurity vulnerability announcement was released.

【CVE-2025-40551, CVSS: 9.8】 This is an untrusted data deserialization vulnerability, allowing unauthenticated attackers to execute commands on the host, potentially leading to remote code execution.

【CVE-2025-40552, CVSS: 9.8】 This is an authentication bypass vulnerability. If an attacker exploits this vulnerability, they can execute services that should be protected by authentication.

【CVE-2025-40553, CVSS: 9.8】 This is an untrusted data deserialization vulnerability that allows an unauthenticated attacker to execute commands on the host, potentially leading to remote code execution.

【CVE-2025-40554, CVSS: 9.8】 This is an authentication bypass vulnerability. If exploited, an attacker could perform specific operations within the Web Help Desk (WHD).

[Affected Platforms]
SolarWinds Web Help Desk (WHD) 12.8.8 HF1 and earlier versions

[Recommended Actions]
Patch the issue according to the solution released on the official website: https://documentation.solarwinds.com/en/success_center/whd/content/release_notes/whd_2026-1_release_notes.htm

[References]
1. https://www.twcert.org.tw/tw/cp-169-10680-43bed-1.html