SolarWinds Web Help Desk is a web-based ticketing and IT asset management software that simplifies help desk management and improves user satisfaction. This software automates ticketing management, tracks hardware and software, manages vendors, and more. It also helps to streamline ticket assignment, routing, and escalation, and provides automated SLA management and ticketing system reporting and metrics.

SolarWinds Web Help Desk

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-40554	CRITICAL	9.8	SolarWinds Web Help Desk	cpe:2.3:a:solarwinds:web_help_desk	No	Yes	Jan 28, 2026
CVE-2025-40553	CRITICAL	9.8	SolarWinds Web Help Desk	cpe:2.3:a:solarwinds:web_help_desk	No	Yes	Jan 28, 2026
CVE-2025-40552	CRITICAL	9.8	SolarWinds Web Help Desk	cpe:2.3:a:solarwinds:web_help_desk	No	Yes	Jan 28, 2026
CVE-2025-40551	CRITICAL	9.8	SolarWinds Web Help Desk	cpe:2.3:a:solarwinds:web_help_desk	Yes	Yes	Jan 28, 2026
CVE-2025-40537	HIGH	7.5	SolarWinds Web Help Desk	cpe:2.3:a:solarwinds:web_help_desk	No	Yes	Jan 28, 2026

CVE-2025-40552:
SolarWinds Web Help Desk vulnerability analysis and mitigation

9.8

Related SolarWinds Web Help Desk vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-40552: SolarWinds Web Help Desk vulnerability analysis and mitigation