CVE-2025-59287 WSUS RCE

A critical unauthenticated Remote Code Execution (RCE) vulnerability in Microsoft Windows Server Update Services (WSUS) actively exploited in the wild.

Critical WSUS RCE Vulnerability CVE-2025-59287 Actively Exploited, CISA Urges Immediate Patching

Nov 3, 2025

—

by

Rushna Kabelet

in Cyber News & Updates

A critical, unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-59287, in Microsoft’s Windows Server Update Services (WSUS) is being actively exploited right now, allowing attackers to run malicious code with SYSTEM privileges.

CVE-2025-59287 WSUS RCE

Critical WSUS RCE Vulnerability CVE-2025-59287 Actively Exploited, CISA Urges Immediate Patching