16 matches found
Windows Server Update Service - Insecure Deserialization
Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. id: CVE-2025-59287 info:...
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2025-59287 - WSUS / SCCM RCE Based on the original exploi...
Metasploit Wrap-Up 11/14/2025
It has “SUS” in the name, what did you expect? This week’s release features the much-hyped CVE-2025-59287, a Critical-Severity Windows Server Update Service WSUS vulnerability that allows for SYSTEM level remote code execution. Documented among the multiple recent zero-days in Windows, the...
Exploit for Deserialization of Untrusted Data in Microsoft
🚨 ALERTA CRÍTICA DE CIBERSEGURIDAD: RCE en WSUS CVE-2025-5928...
Exploit for Deserialization of Untrusted Data in Microsoft
CVE-2025-59287-WSUS powershell version of hawktrace POC exploi...
Exploit for CVE-2025-59287
CVE-2025-59287 WSUS RCE Exploit Automated exploit for Windows...
KB5070883: Windows Server 2019 WSUS RCE (CVE-2025-59287)
The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...
KB5070882: Windows Server 2016 WSUS RCE (CVE-2025-59287)
The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...
KB5070887: Windows Server 2012 WSUS RCE (CVE-2025-59287)
The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...
KB5070886: Windows Server 2012R2 WSUS RCE (CVE-2025-59287)
The remote Windows host is missing security update 5070879, which addresses a remote code execution vulnerability in Windows Server Update Services WSUS. This plugin identifies vulnerable systems by performing the following checks: 1. Validates the host is an affected Windows Server instance. 2...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service - Circumvention of a security measure - Manipulation of data - Execution of arbitrary code user privilege...
CVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
...
CVE-2025-59287
CVE-2025-59287 is a deserialization vulnerability in Windows Server Update Services (WSUS) that enables unauthenticated, remote code execution over the network via crafted data (notably SOAP requests to WSUS endpoints such as Client.asmx). Connected exploit analyses confirm the root cause as unsa...
CVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
...
October 23, 2025—KB5070879 (OS Build 25398.1916) Out-of-band
October 23, 2025—KB5070879 OS Build 25398.1916 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...
October 23, 2025—KB5070883 (OS Build 17763.7922) Out-of-band
October 23, 2025—KB5070883 OS Build 17763.7922 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business device...