CVE-2025-59287

EUVD-2025-34268
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
microsoftCNA
9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_server_2012
-
microsoftwindows_server_2016
𝑥
< 10.0.14393.8524
microsoftwindows_server_2019
𝑥
< 10.0.17763.7922
microsoftwindows_server_2022
𝑥
< 10.0.20348.4297
microsoftwindows_server_2022_23h2
𝑥
< 10.0.25398.1916
microsoftwindows_server_2025
𝑥
< 10.0.26100.6905
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows Server 2012
Server Core
KB5070887
Standard
KB5070887
Windows Server 2012 R2
Server Core
KB5070886
Standard
KB5070886
Windows Server 2016
Server Core
KB5070882
Standard
KB5070882
Windows Server 2019
Server Core
KB5070883
Standard
KB5070883
Windows Server 2022
23H2 Server Core
KB5070879
Server Core
KB5070892
Standard
KB5070892
Windows Server 2025
Server Core
KB5070893
Standard
KB5070893
Common Weakness Enumeration
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287
https://hawktrace.com/blog/CVE-2025-59287
https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-server-wsus-flaw-exploited-in-attacks/
https://www.vicarius.io/vsociety/posts/cve-2025-59287-detection-script-rce-vulnerability-in-windows-server-update-service
https://www.vicarius.io/vsociety/posts/cve-2025-59287-mitigation-script-rce-vulnerability-in-windows-server-update-service
https://gist.github.com/hawktrace/880b54fb9c07ddb028baaae401bd3951
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-59287