CVE-2025-40547
18.11.2025, 09:15
A logic error vulnerability exists in Serv-U which when abused could give a malicious actor with access to admin privileges the ability to execute code. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.Enginsight
| Vendor | Product | Version |
|---|---|---|
| solarwinds | serv-u | 𝑥 < 15.5.3 |
𝑥
= Vulnerable software versions