CVE-2025-26686 · Windows TCP/IP Remote Code Execution Vulnerability

According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.

Are the updates for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems currently available? Yes. As of April 9, 2025, the security update (5055547) for Windows 10 for x64-based Systems and Windows 10 for 32-bit Systems are available. Customers running Windows 10 should ensure the update is installed to be protected from this vulnerability.

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

According to the CVSS metrics, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker must wait for a user to initiate a connection to send a DHCPv6 request. The attacker could then send a DHCPv6 reply with a fake IPv6 address.