Windows DHCP Server EUVD-2026-35567

CVE-2026-45608 · MEDIUM
Out-of-bounds Read (CWE-125)
2026-06-09 · secure@microsoft.com · GHSA-6h8v-8rff-xfh7
CVSS 3.1 (NVD): 6.8 · Temporal: 5.9

Severity by source

NVD (primary): 6.8 MEDIUM, AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CIRCL (temporal): 5.9 MEDIUM

Primary rating from NVD.

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: Low
  • Integrity: None
  • Availability: High

Lifecycle Timeline

  • Analysis Generated: Jun 09, 2026 - 19:39 (vuln.today)
  • Patch available: Jun 09, 2026 - 19:03 (EUVD)
  • CVE Published: Jun 09, 2026 - 17:17 (nvd) · MEDIUM 6.8

Description (NVD)

Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.

Analysis (AI)

Out-of-bounds read in Windows DHCP Server exposes adjacent memory contents and can crash the service, yielding both information disclosure and a high-severity denial-of-service condition on affected Windows systems. The flaw (CWE-125) is exploitable locally with low attack complexity and no user interaction, targeting systems where the DHCP Server role is installed across a broad range of Windows 10, 11, and Server editions from 2012 through 2025. …

Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Gain local access to DHCP Server host
  • Delivery: Interact with Windows DHCP Server component
  • Exploit: Submit crafted malformed input to parsing routine
  • Execution: Trigger out-of-bounds read beyond allocated buffer
  • Impact: Read adjacent memory contents (info disclosure) or crash DHCP Server service (DoS)

Vulnerability Assessment (AI)

Exploitation: The Windows DHCP Server role must be explicitly installed and running on the target system - this role is not present in any default Windows installation and must be deliberately configured, making realistic targets limited to Windows Server deployments acting as network DHCP infrastructure. …

Risk Assessment: CVSS 6.8 Medium (AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H) presents a notable internal tension: the high availability impact (A:H) contradicts the description's characterization of this solely as an information disclosure issue - the out-of-bounds read can crash the DHCP Server service, causing a denial of service for all clients dependent on it. …

Exploit Scenario: A threat actor who has obtained local access to a Windows Server running the DHCP Server role - via compromised credentials, lateral movement, or an initial foothold - submits crafted input to the DHCP Server component, triggering an out-of-bounds memory read in the underlying parsing routine. The read may expose sensitive adjacent memory (credentials, configuration data) with low confidentiality impact, or cause the DHCP Server process to crash, halting address allocation for the entire network segment served by that host. …

Remediation: Apply vendor-released patches via Windows Update or the Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45608. …

EUVD-2026-35567 vulnerability details – vuln.today
