Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Windows Deployment Services Remote Code Execution Vulnerability

🗓️ 13 Jan 2026 16:00:00Reported by MicrosoftType 
mscve
 mscve🔗 msrc.microsoft.com👁 4 Views

Windows Deployment Services has improper access control that allows remote code execution by an unauthorized attacker on the adjacent network.

Related
Detection
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for CVE-2025-54100
9 Dec 202520:32
githubexploit
ATTACKERKB		CVE-2026-0386
13 Jan 202617:56
attackerkb
Circl		CVE-2026-0386
13 Jan 202618:01
circl
CNNVD		Microsoft Windows Deployment Services 访问控制错误漏洞
13 Jan 202600:00
cnnvd
CVE		CVE-2026-0386
13 Jan 202617:56
cve
Cvelist		CVE-2026-0386 Windows Deployment Services Remote Code Execution Vulnerability
13 Jan 202617:56
cvelist
EUVD		EUVD-2026-2206
13 Jan 202617:56
euvd
Microsoft KB		January 13, 2026—KB5073379 (OS Build 26100.32230)
13 Jan 202616:00
mskb
Microsoft KB		January 13, 2026—KB5073450 (OS Build 25398.2092)
13 Jan 202616:00
mskb
Microsoft KB		January 13, 2026—KB5073457 (OS Build 20348.4648)
13 Jan 202616:00
mskb
Rows per page
Vulners
Node
microsoftwindows_server_2012_r2Range<6.3.9600.22968x64
OR
microsoftwindows_server_2012_r2Range<6.3.9600.22968x64
OR
microsoftwindows_server_2012Range<6.2.9200.25868x64
OR
microsoftwindows_server_2012Range<6.2.9200.25868x64
OR
microsoftwindows_server_2008_r2Range<6.1.7601.28117x64
OR
microsoftwindows_server_2008_r2Range<6.1.7601.28117x64
OR
microsoftwindows_server_2008_r2Range<6.1.7601.28117x64
OR
microsoftwindows_server_2008_r2Range<6.1.7601.28117x64
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x86
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x86
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x86
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x86
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x64
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x64
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x64
OR
microsoftwindows_server_2008_sp2Range<6.0.6003.23717x64
OR
microsoftwindows_server_2016Range<10.0.14393.8783
OR
microsoftwindows_server_2016Range<10.0.14393.8783
OR
microsoftwindows_server_2025Range<10.0.26100.32230
OR
microsoftwindows_server_23h2Range<10.0.25398.2092
OR
microsoftwindows_server_2025Range<10.0.26100.32230
OR
microsoftwindows_server_2022Range<10.0.20348.4648
OR
microsoftwindows_server_2022Range<10.0.20348.4648
OR
microsoftwindows_server_2019Range<10.0.17763.8276
OR
microsoftwindows_server_2019Range<10.0.17763.8276

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Jan 2026 16:00Current
7.4High risk
Vulners AI Score7.4
CVSS 3.17.5
EPSS0.00085
SSVC
Windows Deployment Servicesremote code executionimproper access controlunauthorized attackeradjacent networksecurity vulnerability
4