en.Wedoany.com Reported - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SolarWinds Serv-U multi-protocol file server software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The vulnerability, tracked as CVE-2026-28318 with a CVSS score of 7.5, is a denial-of-service (DoS) flaw that causes the service to crash under specific conditions. CISA has classified it as an uncontrolled resource consumption vulnerability that can lead to a DoS condition.
According to an advisory released by SolarWinds earlier this week, Serv-U is at risk of attacks involving specially crafted POST requests. These requests carry a Content-Encoding: deflate header and allow unauthenticated attackers to crash the Serv-U service.
The issue has been fixed in SolarWinds Serv-U version 15.5.4 HF1. As a mitigation measure, the company recommends restricting access to known addresses and blocking any requests containing a "content-encoding" header, as the vulnerable service does not require this feature.
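The two mitigations above can be expressed as a single filtering decision in front of the service. The following is an added example, not code from SolarWinds or CISA; the allowlisted networks, host name and sample requests are constructed, and the function names are hypothetical.

```python
import ipaddress

# Assumption: networks permitted to reach the Serv-U listener (constructed values).
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.0.2.10/32")]

def parse_head(raw: bytes):
    """Split a raw HTTP/1.x request head into (method, target, headers)."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    method, target, _version = lines[0].split(" ", 2)  # ValueError if malformed
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("header line without a colon")
        # Header names are case-insensitive, so normalise before comparing.
        headers.append((name.strip().lower(), value.strip()))
    return method, target, headers

def decide(src_ip: str, raw: bytes):
    """Return (allowed, reason) for one request, failing closed on parse errors."""
    addr = ipaddress.ip_address(src_ip)
    if not any(addr in net for net in ALLOWED_NETS):
        return False, "source not allowlisted"
    try:
        _method, _target, headers = parse_head(raw)
    except ValueError:
        return False, "malformed request"
    # Block on presence of the header, whatever its value: the mitigation
    # quoted above is not limited to "deflate".
    if any(name == "content-encoding" for name, _ in headers):
        return False, "content-encoding present"
    return True, "ok"

# Constructed sample requests (hypothetical host and addresses, harmless bodies).
HOST = b"Host: files.example.test\r\n"
SAMPLES = [
    ("10.20.0.7", b"POST / HTTP/1.1\r\n" + HOST + b"Content-Length: 4\r\n\r\nabcd"),
    ("10.20.0.7", b"POST / HTTP/1.1\r\n" + HOST + b"content-ENCODING: deflate\r\n\r\nabcd"),
    ("203.0.113.5", b"GET / HTTP/1.1\r\n" + HOST + b"\r\n"),
    ("10.20.0.7", b"POST / HTTP/1.1\r\n" + HOST + b"Content-Encoding: gzip\r\n\r\n"),
]

def evaluate():
    """Apply the policy to every constructed sample."""
    return [decide(ip, raw) for ip, raw in SAMPLES]

if __name__ == "__main__":
    for (ip, _), verdict in zip(SAMPLES, evaluate()):
        print(ip, verdict)
```

A rule that matches only the exact spelling "Content-Encoding" would let the second sample through, which is why the header name is lowercased before the comparison.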
It remains unclear how the vulnerability is being exploited in real-world attacks, and the identity of the attackers is unknown. It is also uncertain how many internet-exposed Serv-U instances are affected.
CISA requires Federal Civilian Executive Branch (FCEB) agencies to remediate the issue by June 19, 2026. Historically, multiple vulnerabilities in Serv-U have been exploited by malicious actors, including the Cl0p ransomware group.