SolarWinds has released security updates to address (CVE-2025-26399), a remote code execution (RCE) vulnerability in Web Help Desk software. This is the third attempt to resolve an issue in Web Help Desk that could allow attackers to execute commands on affected systems without authentication.

Affected Systems:

• SolarWinds Web Help Desk version 12.8.7 and all prior versions.

Security Risks

Successful exploitation of this vulnerability enables remote attackers to execute arbitrary code with system privileges, potentially compromising the entire system without the need for authentication.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

• Update immediately to the latest supported version of SolarWinds Web Help Desk to address the vulnerabilities and mitigate associated risks.

            The SolarWinds Web Help Desk version available for upgrade is:

                        SolarWinds Web Help Desk version 12.8.7 Hotfix 1

• Before updating or patching, please ensure that you have the latest backup that can easily be restored.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

• SolarWinds WHD Release Notes

• SolarWinds releases third patch to fix Web Help Desk RCE bug

• SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw