Mar 2026: Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vul
CVE-2026-25166 Published on March 10, 2026

Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability
Deserialization of untrusted data in Windows System Image Manager allows an authorized attacker to execute code locally.

Vendor Advisory NVD

Weakness Type

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2026-25166 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.


Products Associated with CVE-2026-25166

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Windows 11 26h1
 
Microsoft Windows 10
 
Microsoft Windows Server 2019
 
Microsoft Windows Server 2022
 
Microsoft Windows 11 25h2
 
Microsoft Windows 11 23h2
 
Microsoft Windows Server 23h2
 
Microsoft Windows 11 24h2
 
Microsoft Windows Server 2016
 
Microsoft Windows 11 Adk 24h2
 
Microsoft Windows 11 Adk 23h2
 
Microsoft Windows 11 Adk 22h2
 
Microsoft Windows Server 2022 Adk
 
Microsoft Windows 10 Adk Version 2004
 

Affected Versions

Microsoft Windows ADK for Windows 10, version 2004: Microsoft Windows ADK for Windows 11, version 22H2: Microsoft Windows ADK for Windows 11, version 23H2: Microsoft Windows ADK for Windows 11, version 24H2: Microsoft Windows ADK for Windows Server 2022:

Exploit Probability

EPSS
0.43%
Percentile
62.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.