CVE-2026-25166

🗓️ 10 Mar 2026 17:04:48Reported by microsoftType

CVE-2026-25166 remote code execution in Windows System Image Manager ADK.

Reporter	Title	Published	Views	Family All 22
ATTACKERKB	CVE-2026-25166	10 Mar 202617:04	–	attackerkb
Circl	CVE-2026-25166	10 Mar 202616:57	–	circl
CNNVD	Microsoft Windows 代码问题漏洞	10 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability	10 Mar 202617:04	–	cvelist
EUVD	EUVD-2026-10629	10 Mar 202618:31	–	euvd
Japan Vulnerability Notes	Security information for Hitachi Disk Array Systems	25 May 202602:39	–	jvn
Kaspersky	KLA90921 Multiple vulnerabilities in Microsoft Developer Tools	10 Mar 202600:00	–	kaspersky
Microsoft CVE	Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability	10 Mar 202614:00	–	mscve
NCSC	Vulnerabilities fixed in Microsoft Windows	10 Mar 202620:07	–	ncsc
NVD	CVE-2026-25166	10 Mar 202618:18	–	nvd

NVD

CNA

Node

microsoft windows_10_1607Range<10.0.14393.8957x64

microsoft windows_10_1607Range<10.0.14393.8957x86

microsoft windows_10_1809Range<10.0.17763.8511x64

microsoft windows_10_1809Range<10.0.17763.8511x86

microsoft windows_10_21h2Range<10.0.19044.7058arm64

microsoft windows_10_21h2Range<10.0.19044.7058x64

microsoft windows_10_21h2Range<10.0.19044.7058x86

microsoft windows_10_22h2Range<10.0.19045.7058arm64

microsoft windows_10_22h2Range<10.0.19045.7058x64

microsoft windows_10_22h2Range<10.0.19045.7058x86

microsoft windows_11_23h2Range<10.0.22631.6783arm64

microsoft windows_11_23h2Range<10.0.22631.6783x64

microsoft windows_11_24h2Range<10.0.26100.7979arm64

microsoft windows_11_24h2Range<10.0.26100.7979x64

microsoft windows_11_25h2Range<10.0.26200.7979arm64

microsoft windows_11_25h2Range<10.0.26200.7979x64

microsoft windows_11_26h1Range<10.0.28000.1719arm64

microsoft windows_11_26h1Range<10.0.28000.1719x64

microsoft windows_server_2016Range<10.0.14393.8957

microsoft windows_server_2019Range<10.0.17763.8511

microsoft windows_server_2022Range<10.0.20348.4830

microsoft windows_server_2022_23h2Range<10.0.25398.2207

[
  {
    "vendor": "Microsoft",
    "product": "Windows ADK for Windows 10, version 2004",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows ADK for Windows 11, version 22H2",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows ADK for Windows 11, version 23H2",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows ADK for Windows 11, version 24H2",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Windows ADK for Windows Server 2022",
    "versions": [
      {
        "version": "-",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25166

14 Apr 2026 16:35Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.17.8

EPSS0.01055

SSVC

CWE-502