Vulnerabilities were recently announced related to SolarWinds Serv-U file transfer software.
Identifier
SA-21
Applies To
SolarWinds Serv-U Publication: https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4_release_notes.htm
Details
Archer utilizes Serv-U FTP Server.
While Archer FTP servers were not found to be vulnerable to these issues, out of an abundance of caution Archer has upgraded all Serv-U FTP Servers to the patched version to mitigate CVE-2025-40538, CVE-2025-40539, CVE-2025-40540 and CVE-2025-40541.
Due to current world events, as a corporation we already have heightened monitoring of our infrastructure.
Next Steps
We will continue to monitor this situation. Archer systems will be updated with the latest indicators of compromise (IOCs) and will continuously monitor any use of this software in our environments.
This page will be updated with relevant information as Archer deems necessary. If new information changes the details contained in this advisory will be updated.
Please check back for more information or direct specific concerns to your Archer Account Manager and/or Archer Technical Support representative.
Legal Information
Read and use the information in this Archer Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this advisory, contact Archer Customer Support. Archer distributes Archer Security Advisories in order to bring to the attention of users of the affected Archer products important security information.
Originally posted on February 26, 2026 in the Archer Community.
Comments
0 comments
Please sign in to leave a comment.