Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

The vulnerability of the Windows Deployment Services service allows a perpetrator to execute arbitrary code.

🗓️ 14 Jan 2026 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec🔗 bdu.fstec.ru

Vulnerability in Windows Deployment Services allows remote execution due to access control errors.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for CVE-2025-54100
9 Dec 202520:32
githubexploit
ATTACKERKB		CVE-2026-0386
13 Jan 202617:56
attackerkb
Circl		CVE-2026-0386
13 Jan 202618:01
circl
CNNVD		Microsoft Windows Deployment Services 访问控制错误漏洞
13 Jan 202600:00
cnnvd
CVE		CVE-2026-0386
13 Jan 202617:56
cve
Cvelist		CVE-2026-0386 Windows Deployment Services Remote Code Execution Vulnerability
13 Jan 202617:56
cvelist
EUVD		EUVD-2026-2206
13 Jan 202617:56
euvd
Microsoft KB		January 13, 2026—KB5073379 (OS Build 26100.32230)
13 Jan 202616:00
mskb
Microsoft KB		January 13, 2026—KB5073450 (OS Build 25398.2092)
13 Jan 202616:00
mskb
Microsoft KB		January 13, 2026—KB5073457 (OS Build 20348.4648)
13 Jan 202616:00
mskb
Rows per page
Vulners
Node
microsoftwindows_server_2025Range<10.0.26100.32230
OR
microsoftwindows_server_2022,_23h2_edition_(server_core_installation)Range<10.0.25398.2092
OR
microsoftwindows_server_2025_(server_core_installation)Range<10.0.26100.32230
OR
microsoftwindows_server_2022_(server_core_installation)Range<10.0.20348.4648
OR
microsoftwindows_server_2022Range<10.0.20348.4648
OR
microsoftwindows_server_2019_(server_core_installation)Range<10.0.17763.8276
OR
microsoftwindows_server_2019Range<10.0.17763.8276
OR
microsoftwindows_server_2012_r2_(server_core_installation)Range<6.3.9600.22968
OR
microsoftwindows_server_2012_r2Range<6.3.9600.22968
OR
microsoftwindows_server_2012_(server_core_installation)Range<6.2.9200.25868
OR
microsoftwindows_server_2012Range<6.2.9200.25868
OR
microsoftwindows_server_2008_r2_service_pack_1_(server_core_installation)Range<6.1.7601.28117
OR
microsoftwindows_server_2008_r2_service_pack_1Range<6.1.7601.28117
OR
microsoftwindows_server_2008_service_pack_2_(server_core_installation)Range<6.0.6003.23717
OR
microsoftwindows_server_2008_service_pack_2Range<6.0.6003.23717
OR
microsoftwindows_server_2016_(server_core_installation)Range<10.0.14393.8783
OR
microsoftwindows_server_2016Range<10.0.14393.8783

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
14 Jan 2026 00:00Current
CVSS 26.8
CVSS 37.5
EPSS0.00525
Windows Deployment ServicesAccess control errorsRemote executionArbitrary code
0