What is the CVSS score of CVE-2026-45602?

CVE-2026-45602 has a CVSS 3.1 base score of 9.1 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Windows DHCP Server are affected by CVE-2026-45602?

Windows DHCP Server deployments face an unpatched critical vulnerability (CVE-2026-45602, CVSS 9.1) that enables remote network-level attacks without authentication or user interaction-attackers can…. A patch is available.

How to fix or mitigate CVE-2026-45602?

Within 24 hours: Inventory all Windows servers with DHCP Server role enabled and implement firewall ACLs restricting DHCP traffic to authorized management networks only. Within 7 days: Deploy network segmentation and VLAN isolation to isolate DHCP services from untrusted network segments, and enable DHCP snooping on network switches. Within 30 days: Monitor Microsoft security advisories for patch availability and establish change management procedures for immediate deployment once released.

Windows DHCP Server CVE-2026-45602

EUVD-2026-35562 CRITICAL

Improper Handling of Values (CWE-229)

2026-06-09 secure@microsoft.com

GHSA-9g25-jr9m-x4jh

Authentication Bypass Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 23h2 Windows 11 24h2 Windows 11 25h2 Windows 11 26h1 Windows Server 2012 Windows Server 2016 Windows Server 2019 Windows Server 2022 Windows Server 2025

9.1

CVSS 3.1 · Vendor: microsoft

Temporal: 7.9

Severity by source

Vendor (microsoft) PRIMARY

9.1 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CIRCL (temporal)

7.9 HIGH

cvss

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Jun 09, 2026 - 18:10 vuln.today

CVE Published

Jun 09, 2026 - 17:17 nvd

CRITICAL 9.1

DescriptionCVE.org

No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.

AnalysisAI

Remote tampering in Microsoft Windows DHCP Server allows unauthenticated network attackers to manipulate critical data with high confidentiality and integrity impact, as reflected by the 9.1 CVSS score. The vulnerability is reachable over the network without privileges or user interaction, and no public exploit identified at time of analysis. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Gain network access to DHCP segment

Delivery

Identify Windows DHCP Server on UDP 67

Exploit

Send crafted DHCP message bypassing authentication

Execution

Tamper with lease or scope option data

Persist

Redirect client traffic to attacker infrastructure

Impact

Harvest credentials or pivot deeper

Access

Gain network access to DHCP segment

Delivery

Identify Windows DHCP Server on UDP 67

Exploit

Send crafted DHCP message bypassing authentication

Execution

Tamper with lease or scope option data

Persist

Redirect client traffic to attacker infrastructure

Impact

Harvest credentials or pivot deeper

Vulnerability AssessmentAI

Exploitation	The attacker must have network-layer reachability to a Windows Server host with the DHCP Server role enabled and listening, typically on UDP ports 67/68 within a routed enterprise network, VPN segment, or any environment where DHCP traffic is forwarded. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	Signals broadly align toward elevated priority: CVSS 9.1 with AV:N/AC:L/PR:N/UI:N indicates a remote, low-complexity, unauthenticated path, and confidentiality and integrity impacts are both High while availability is None - consistent with a tampering rather than denial-of-service primitive. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker with network reachability to the DHCP server - for example, a foothold on any client VLAN that can route UDP to the server - sends crafted DHCP protocol messages that exploit the authentication bypass to modify server-side state such as leases, reservations, or scope options. By tampering with DNS server or default gateway options pushed to clients, the attacker can redirect victim traffic through attacker-controlled infrastructure for credential capture or man-in-the-middle attacks. …
Remediation	Patch available per vendor advisory - apply the Microsoft security update referenced at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45602 to all Windows Server hosts running the DHCP Server role, prioritizing internet-adjacent and multi-tenant environments first. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Windows servers with DHCP Server role enabled and implement firewall ACLs restricting DHCP traffic to authorized management networks only. …

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-45602 vulnerability details – vuln.today

Back

Windows DHCP Server CVE-2026-45602

Severity by source

CVSS VectorVendor: microsoft

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Unlock full vulnerability intelligence

Attack ChainAIDerived

Vulnerability AssessmentAI

Recommended ActionAI

Share

External POC / Exploit Code