U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

CVE Alert: CVE-2025-26399 - SolarWinds - Web Help Desk - RedPacket Security

SolarWinds Web Help Desk was found to be susceptible to an unauthenticated AjaxProxy deserialization remote code execution vulnerability that, if exploited,

RedPacket Security

The SolarWinds Supply Chain Attack - Negative PID

Imagine downloading a patch to update a critical system, and that patch contained the malware to hack you. That really happened.

Negative PID

latest SolarWinds CVEs.. all critical lmao.. patch patch patch!

CVE-2025-40538 - Improper Privilege Management
CVE-2025-40539 - Incorrect Type Conversion or Cast
CVE-2025-40540 - Incorrect Type Conversion or Cast
CVE-2025-40541 - Incorrect Type Conversion or Cast & Authorization Bypass Through User-Controlled Key

SolarWinds Serv-U 15.5.3 and prior versions

https://hecate.pw/vulnerabilities?search=vendors%3A%22SolarWinds%22+AND+published%3A%3E%3D2026-02-22&mode=dql

#vulnerability #security #solarwinds

Hecate Cyber Defense

Security Advisory Summary:
SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
• CVE-2025-40538 – Broken access control → system admin creation + root RCE
• Two type confusion flaws → root code execution
• One IDOR vulnerability → elevated execution

Attack prerequisites:
High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

Exposure landscape:
12K+ internet-facing instances observed (Shodan)
File transfer platforms remain ransomware-favored entry vectors

Historical context:
Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

Immediate actions:
- Patch to 15.5.4
- Audit privileged accounts
- Review FTP/SFTP exposure
- Monitor for anomalous admin creation

Source: https://www.bleepingcomputer.com/news/security/critical-solarwinds-serv-u-flaws-offer-root-access-to-servers/

#Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

Critical SolarWinds Serv-U flaws offer root access to servers

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.

BleepingComputer

CVE Alert: CVE-2025-40541 - SolarWinds - Serv-U - RedPacket Security

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as

RedPacket Security

CVE Alert: CVE-2025-40540 - SolarWinds - Serv-U - RedPacket Security

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged

RedPacket Security

CVE Alert: CVE-2025-40539 - SolarWinds - Serv-U - RedPacket Security

A type confusion vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to execute arbitrary native code as privileged

RedPacket Security

CVE Alert: CVE-2025-40538 - SolarWinds - Serv-U - RedPacket Security

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute

RedPacket Security