New Serv-U bugs extend SolarWinds’ run of high-severity disclosures
Summary
SolarWinds has released patches for four critical remote code execution (RCE) vulnerabilities in its Serv-U managed file transfer server. The vulnerabilities, tracked as CVE-2025-40538, CVE-2025-40539, CVE-2025-40540, and CVE-2025-40541, could allow attackers to gain root (administrator) access to unpatched servers and execute arbitrary code, though exploitation requires pre-existing admin or privileged access.
IFF Assessment
Critical RCE vulnerabilities in a widely used file transfer server represent a significant risk to organizations.
Severity
Defender Context
Defenders must promptly patch Serv-U installations to prevent potential RCE attacks. Even with the requirement for pre-existing admin or privileged access, lateral movement and privilege escalation techniques could allow attackers to exploit these flaws. Keep an eye on SolarWinds products, as they continue to be a target for vulnerabilities.