Emergency Security Bulletin: SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability


By: RedLegg's Cyber Threat Intelligence Team

About:

CVE-2026-28318 is a high-severity unauthenticated denial of service vulnerability in SolarWinds Serv-U that is listed in CISA’s KEV catalog. Attackers can exploit the flaw to disrupt file transfer services and make systems unavailable. Organizations should urgently apply the 15.5.4 Hotfix 1 update and prioritize internet-facing deployments.

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats that we classify as the highest severity level and that warrant out-of-band emergency patching or mitigation action.


VULNERABILITIES

SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability

 

Identifier: CVE-2026-28318
PoC or Exploitation:
CVE-2026-28318 has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog.
CVSS Score: 7.5 (High, CVSS v3.1)

Update / Patch:
SolarWinds has released a security update addressing this vulnerability.

Affected versions include:
SolarWinds Serv-U 15.5.4 and below

Fixed version:
SolarWinds Serv-U 15.5.4 Hotfix 1

Vendor advisory and patch guidance:
https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318

Release notes:
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm

Description:
CVE-2026-28318 is an unauthenticated denial of service vulnerability affecting SolarWinds Serv-U.

Successful exploitation can cause the Serv-U service to become unavailable, resulting in denial of service conditions and disruption of file transfer operations.

Mitigation Recommendation:
Immediately upgrade affected SolarWinds Serv-U installations to version 15.5.4 Hotfix 1.

Identify internet-facing Serv-U deployments and prioritize them for remediation.

Review application and system logs for unexpected service interruptions, crashes, resource exhaustion events, or anomalous connection activity.

Implement network access controls to limit exposure of Serv-U services where operationally feasible.

Monitor affected systems for recurring denial of service conditions and investigate any unexplained availability issues.

Verify that backup and recovery procedures are in place to support rapid restoration of affected services if disruption occurs.
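
One way to apply the first two recommendations to an asset list, as an added example that is not RedLegg's or SolarWinds' code: it classifies each Serv-U host against the 15.5.4 Hotfix 1 boundary and orders the remaining work with internet-facing hosts first. The inventory columns, host names and the version-string shapes accepted by the parser are assumptions; strings it cannot parse are reported as `unknown` rather than guessed.

```python
import csv
import io
import re

# Fixed release named in the bulletin: 15.5.4 Hotfix 1.
FIXED = ((15, 5, 4), 1)

# Assumed version-string shapes: "15.5.4", "15.5.4 Hotfix 1", "15.5.4 HF1".
_VERSION_RE = re.compile(
    r"^\s*(\d+(?:\.\d+){0,2})\s*(?:(?:hotfix|hf)\s*(\d+))?\s*$", re.I)

def parse_version(text):
    """Return ((major, minor, patch), hotfix), or None if not understood."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))
    return (tuple(parts), int(m.group(2) or 0))

def status(version_text):
    """'affected' below 15.5.4 Hotfix 1, 'fixed' at or above, else 'unknown'."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"
    # Base version compares first; the hotfix level only breaks ties, so
    # plain 15.5.4 (hotfix 0) sorts below 15.5.4 Hotfix 1 and is affected.
    return "affected" if parsed < FIXED else "fixed"

def triage(inventory_csv):
    """Return (host, status, internet_facing) for hosts needing action."""
    todo = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        st = status(row["version"])
        if st != "fixed":
            exposed = row["internet_facing"].strip().lower() == "yes"
            todo.append((row["host"], st, exposed))
    # Internet-facing first, then confirmed-affected before unknown.
    return sorted(todo, key=lambda r: (not r[2], r[1] != "affected", r[0]))

# Constructed sample inventory (hypothetical hosts and column names).
INVENTORY_CSV = """host,version,internet_facing
sftp-edge-01,15.5.4,yes
sftp-edge-02,15.5.4 Hotfix 1,yes
ft-internal-01,15.4.2 HF2,no
ft-internal-02,15.5.4,no
ft-lab-01,unknown,no
"""
```
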