Microsoft WSUS Flaw Enables Remote Code Execution

A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, has been disclosed with a maximum CVSS score of 9.8. The flaw lets unauthenticated attackers execute code remotely through unsafe cookie deserialization, posing a severe threat to enterprise environments that rely on WSUS for patch management.

Security researcher Batuhan Er from HawkTrace revealed technical details of the exploit, along with a functional proof-of-concept (PoC). The flaw allows attackers to bypass authentication mechanisms and gain control of the WSUS server, potentially leading to widespread compromise within affected networks.

The flaw can be exploited without user interaction, which increases the urgency for security teams to assess their exposure. It joins a growing list of high-severity vulnerabilities, including CVE-2025-11371 and CVE-2025-54253, which have also surfaced this year.

For more technical details and access to the full disclosure and PoC, read the official report at the link below.

Critical WSUS Flaw (CVE-2025-59287, CVSS 9.8) Allows Unauthenticated RCE via Unsafe Cookie Deserialization, PoC Available
