CVE-2025-59287 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
Critical KEV CVSS: 9.8

CVE-2025-59287

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
Vendor
Microsoft
Product
Windows Server 2012
CWE
CWE-502
Yayın Tarihi
2025-10-14 17:16:11
Güncelleme
2025-11-12 14:33:19
Source Identifier
secure@microsoft.com
KEV Date Added
2025-10-24

Kategoriler

CWE-502 Windows Server 2012 CRITICAL Microsoft 2025

Referanslar

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59287 https://hawktrace.com/blog/CVE-2025-59287 https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-windows-server-wsus-flaw-exploited-in-attacks/ https://www.vicarius.io/vsociety/posts/cve-2025-59287-detection-script-rce-vulnerability-in-windows-server-update-service https://www.vicarius.io/vsociety/posts/cve-2025-59287-mitigation-script-rce-vulnerability-in-windows-server-update-service https://gist.github.com/hawktrace/880b54fb9c07ddb028baaae401bd3951 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-59287