Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access
Complete Cloud Security in Minutes – Orca Security
2026-02-25 02:21:05
收藏
SolarWinds has released Serv-U 15.5.4 to address four critical vulnerabilities — CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541 (CVSS 9.1) — that can allow attackers to execute arbitrary code with root (Linux) or SYSTEM (Windows) privileges. Organizations running Serv-U should update immediately. These vulnerabilities impact SolarWinds Serv-U Managed File Transfer, a platform frequently deployed as an internet-facing […]
The post Four Critical SolarWinds Serv-U RCE Flaws Enable Root Access appeared first on Orca Security.
目录
最新
- Kyverno SSRF: Breaking Kubernetes Namespace Isolation (CVE-2026-4789)
- Streamline Compliance Reporting with Orca and Drata’s Integrated Vulnerability Management
- CVE-2026-23226: How a Missing Lock in ksmbd’s Channel List Exposes Your Linux SMB3 Server
- 2026 State of AppSec: When Development Velocity Outpaces Security
- AI Is Entering Your Infrastructure. Now what?
- Orca Security Featured in SACR’s 2026 Unified Agentic Defense Platforms Report
- Supply Chain Attack on Axios Delivers Cross-Platform RAT via Compromised npm Account
- Credential‑Stealing Malware in LiteLLM Supply Chain Attack