About:
RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.
Identifier: CVE-2026-28318
PoC or Exploitation:
CVE-2026-28318 has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog.
CVSS Score: 7.5 (High, CVSS v3.1)
Update / Patch:
SolarWinds has released a security update addressing this vulnerability.
Affected versions include:
SolarWinds Serv-U 15.5.4 and below
Fixed version:
SolarWinds Serv-U 15.5.4 Hotfix 1
Vendor advisory and patch guidance:
https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318
Release notes:
https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm
Description:
CVE-2026-28318 is an unauthenticated denial of service vulnerability affecting SolarWinds Serv-U.
Successful exploitation can cause the Serv-U service to become unavailable, resulting in denial of service conditions and disruption of file transfer operations.
Mitigation Recommendation:
Immediately upgrade affected SolarWinds Serv-U installations to version 15.5.4 Hotfix 1.
Identify internet-facing Serv-U deployments and prioritize them for remediation.
Review application and system logs for unexpected service interruptions, crashes, resource exhaustion events, or anomalous connection activity.
Implement network access controls to limit exposure of Serv-U services where operationally feasible.
Monitor affected systems for recurring denial of service conditions and investigate any unexplained availability issues.
Verify that backup and recovery procedures are in place to support rapid restoration of affected services if disruption occurs.