Microsoft Windows Deployment Services Use-After-Free Vulnerability Allowing Remote Code Execution
Vulnerability
A use-after-free vulnerability has been identified in Windows Deployment Services (WDS) that allows an unauthorized attacker to execute code remotely over the network. It affects multiple versions of Windows Server, including 2012, 2012 R2, 2016, 2019, 2022, and 2025, as well as the Server Core installations of Windows Server 2022 and 2025.
Impact
Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected server.
Reproduction
To reproduce this vulnerability, send specially crafted network requests to a Windows Server system with the Windows Deployment Services role enabled and listening for TFTP traffic. The vulnerability can be triggered by causing a race condition that leads the server to mishandle simultaneous requests, allowing access to invalid memory and execution of arbitrary code.
Remediation
Users can apply the security update for their specific Windows Server version. This update is available through the Microsoft Update Catalog.
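To decide which servers need the update first, the following PowerShell sketch reports whether the WDS role is installed, whether anything is bound to UDP port 69 (TFTP), and whether a given update is present. It is an added example, not part of the original advisory or of any Microsoft tooling; the KB value is a placeholder because the advisory text above does not give one, and remote checks assume PowerShell remoting is enabled.

```powershell
# Added example: inventory WDS/TFTP exposure on Windows Server hosts.
# $ExpectedKb is a PLACEHOLDER; take the real KB number for each OS version
# from the Microsoft Update Catalog entry for this vulnerability.
param(
    [string[]]$ComputerName = @($env:COMPUTERNAME),
    [string]$ExpectedKb = 'KB0000000'   # placeholder, not a real KB id
)

$check = {
    param($Kb)
    # WDS role state (ServerManager module, Windows Server only)
    $role = Get-WindowsFeature -Name WDS -ErrorAction SilentlyContinue
    # Windows Deployment Services Server service
    $svc  = Get-Service -Name WDSServer -ErrorAction SilentlyContinue
    # Any UDP endpoint bound to port 69 (TFTP)
    $tftp = @(Get-NetUDPEndpoint -LocalPort 69 -ErrorAction SilentlyContinue)
    # False is not conclusive: a later cumulative update may supersede $Kb
    $patched = [bool](Get-HotFix -Id $Kb -ErrorAction SilentlyContinue)

    $installed = [bool]($role -and $role.Installed)
    $listening = $tftp.Count -gt 0
    [pscustomobject]@{
        Computer       = $env:COMPUTERNAME
        OS             = (Get-CimInstance Win32_OperatingSystem).Caption
        WdsInstalled   = $installed
        WdsService     = if ($svc) { $svc.Status.ToString() } else { 'NotPresent' }
        TftpListening  = $listening
        TftpAddresses  = ($tftp.LocalAddress | Sort-Object -Unique) -join ','
        UpdatePresent  = $patched
        # Role installed, TFTP reachable, and update not found: patch first
        NeedsAttention = $installed -and $listening -and -not $patched
    }
}

$results = foreach ($c in $ComputerName) {
    try {
        if ($c -eq $env:COMPUTERNAME) { & $check $ExpectedKb }
        else {
            Invoke-Command -ComputerName $c -ScriptBlock $check `
                -ArgumentList $ExpectedKb -ErrorAction Stop
        }
    } catch {
        Write-Warning "$c : $($_.Exception.Message)"
    }
}

$results |
    Sort-Object NeedsAttention -Descending |
    Format-Table Computer, OS, WdsInstalled, WdsService, TftpListening,
                 TftpAddresses, UpdatePresent, NeedsAttention -AutoSize
```

Hosts reported with NeedsAttention set to True have the role installed and a TFTP listener but no matching update entry; confirm their patch level against the installed cumulative update before treating them as unpatched.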
