CVE-2025-59287 WSUS RCE

A critical unauthenticated Remote Code Execution (RCE) vulnerability in Microsoft Windows Server Update Services (WSUS) actively exploited in the wild.

1 intelligence brief← Intelligence Hub

Critical WSUS RCE Vulnerability CVE-2025-59287 Actively Exploited, CISA Urges Immediate Patching

A critical, unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-59287, in Microsoft’s Windows Server Update Services (WSUS) is being actively exploited right now, allowing attackers to run malicious code with SYSTEM privileges.

Rushna Kabelet

Nov 3, 2025

4–6 minutes

CVE-2025-59287 WSUS RCE

Critical WSUS RCE Vulnerability CVE-2025-59287 Actively Exploited, CISA Urges Immediate Patching