SolarWinds Patches Four Critical Serv-U Vulnerabilities

“On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default,” the company says.All four CVEs were resolved with the release of SolarWinds Serv-U version 15.5.4. Additional information can be found on SolarWinds’security advisoriespage.SolarWinds makes no mention of any of these flaws being exploited in the wild, but users are advised to update their instances as soon as possible.Threat actors are known to target SolarWinds bugs in attacks, includingissues affecting the Serv-Ufile transfer appliances.In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had beenpotentially exploited as zero-daysin attacks observed in December 2025. In mid-February, the US cybersecurity agencyCISA addedone of the issues to its Known Exploited Vulnerabilities (KEV) list.Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

All four CVEs were resolved with the release of SolarWinds Serv-U version 15.5.4. Additional information can be found on SolarWinds’security advisoriespage.SolarWinds makes no mention of any of these flaws being exploited in the wild, but users are advised to update their instances as soon as possible.Threat actors are known to target SolarWinds bugs in attacks, includingissues affecting the Serv-Ufile transfer appliances.In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had beenpotentially exploited as zero-daysin attacks observed in December 2025. In mid-February, the US cybersecurity agencyCISA addedone of the issues to its Known Exploited Vulnerabilities (KEV) list.Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

SolarWinds makes no mention of any of these flaws being exploited in the wild, but users are advised to update their instances as soon as possible.Threat actors are known to target SolarWinds bugs in attacks, includingissues affecting the Serv-Ufile transfer appliances.In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had beenpotentially exploited as zero-daysin attacks observed in December 2025. In mid-February, the US cybersecurity agencyCISA addedone of the issues to its Known Exploited Vulnerabilities (KEV) list.Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Threat actors are known to target SolarWinds bugs in attacks, includingissues affecting the Serv-Ufile transfer appliances.In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had beenpotentially exploited as zero-daysin attacks observed in December 2025. In mid-February, the US cybersecurity agencyCISA addedone of the issues to its Known Exploited Vulnerabilities (KEV) list.Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

In late January, SolarWinds rolled out fixes for Web Help Desk (WHD) security defects that had beenpotentially exploited as zero-daysin attacks observed in December 2025. In mid-February, the US cybersecurity agencyCISA addedone of the issues to its Known Exploited Vulnerabilities (KEV) list.Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Related:VMware Aria Operations Vulnerability Could Allow Remote Code ExecutionRelated:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Related:Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTsRelated:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Related:Recent RoundCube Webmail Vulnerability Exploited in AttacksRelated:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Related:Critical Grandstream Phone Vulnerability Exposes Calls to Interception

Ionut Arghire is an international correspondent for SecurityWeek.

Source: SecurityWeek