CVE-2026-25166 Overview
CVE-2026-25166 is a deserialization of untrusted data vulnerability [CWE-502] in Windows System Image Manager (SIM). An authorized local attacker can craft malicious serialized data that, when processed by the affected component, executes arbitrary code in the context of the targeted process. The flaw affects supported builds of Windows 10, Windows 11, and Windows Server releases through 2022 23H2. Microsoft has acknowledged the issue and published a security update through the Microsoft Security Response Center.
Critical Impact
Successful exploitation grants local code execution with full impact on the confidentiality, integrity, and availability of the affected host.
Affected Products
- Microsoft Windows 10 (1607, 1809, 21H2, 22H2) on x86, x64, and arm64
- Microsoft Windows 11 (23H2, 24H2, 25H2, 26H1) on x64 and arm64
- Microsoft Windows Server 2016, 2019, 2022, and 2022 23H2
Discovery Timeline
- 2026-03-10 - CVE-2026-25166 published to NVD
- 2026-03-13 - Last updated in NVD database
Technical Details for CVE-2026-25166
Vulnerability Analysis
Windows System Image Manager is the tooling used to author unattended Windows setup answer files and manage distribution shares. The vulnerability arises when SIM deserializes untrusted input without sufficient type validation. An attacker who can place a crafted serialized object in a location loaded by SIM can trigger gadget chains that lead to arbitrary code execution. Because the attacker must be authenticated on the host, this issue is most relevant to multi-user systems, build servers, and shared imaging workstations where adversaries pivot from a lower-privileged foothold.
Root Cause
The root cause is unsafe deserialization of untrusted data, classified under [CWE-502]. The affected code path reconstructs object graphs from serialized input without restricting allowed types or validating object integrity. When the deserializer encounters attacker-supplied gadgets, it executes side-effect-bearing constructors or setters, resulting in code execution within the SIM process context.
Attack Vector
The attack vector is local and requires low privileges with no user interaction. An attacker authenticates to the target host, stages a malicious answer file, catalog, or related project artifact, and induces SIM to open or process that file. Once SIM deserializes the crafted payload, the embedded gadget chain executes attacker-controlled code. This can be combined with downstream techniques such as token theft or service abuse to escalate privileges or persist on the host.
No public proof-of-concept code has been released for CVE-2026-25166. Technical details are described in the Microsoft Security Update for CVE-2026-25166.
Detection Methods for CVE-2026-25166
Indicators of Compromise
- Unexpected child processes spawned by imgmgr.exe or related Windows Assessment and Deployment Kit (ADK) binaries.
- Recently created or modified unattended answer files (.xml) and catalog files (.clg) in user-writable locations.
- PowerShell, cmd.exe, or scripting host processes initiated by an account that does not normally perform imaging operations.
Detection Strategies
- Hunt for process trees where Windows System Image Manager is the parent of interactive shells, LOLBins, or network tooling.
- Alert on serialized .NET BinaryFormatter or XML payloads written into SIM project directories shortly before SIM is launched.
- Correlate authentication events for low-privileged users with subsequent execution of administrative or imaging utilities on the same host.
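As an added example (not part of this advisory or any Microsoft tooling), the following Python hunts a constructed JSON export of Sysmon events for the first two strategies above: imgmgr.exe parenting a shell or scripting host, and an .xml/.clg artifact written under a SIM project directory shortly before SIM is launched by the same user. The field names follow the standard Sysmon Event ID 1 (process create) and Event ID 11 (file create) schema; the sample records, the project directory C:\Imaging, and the five-minute window are assumptions.

```python
"""Hunt constructed Sysmon-style events for the two SIM patterns above:
(1) imgmgr.exe parenting a shell or scripting host, and (2) an answer file
or catalog written under a SIM project directory shortly before SIM starts."""
from datetime import datetime, timedelta
import json

SIM_IMAGE = "imgmgr.exe"
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe"}
ARTIFACT_EXT = (".xml", ".clg")
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed sample export (not real telemetry): Sysmon Event ID 1 is process
# creation, Event ID 11 is file creation, one JSON record per line.
SAMPLE = r"""
{"EventID":11,"UtcTime":"2026-03-12 09:58:10","User":"LAB\\bob","Image":"C:\\Windows\\explorer.exe","TargetFilename":"C:\\Imaging\\Project1\\unattend.xml"}
{"EventID":1,"UtcTime":"2026-03-12 10:00:02","User":"LAB\\bob","Image":"C:\\ADK\\WSIM\\imgmgr.exe","ParentImage":"C:\\Windows\\explorer.exe"}
{"EventID":1,"UtcTime":"2026-03-12 10:00:15","User":"LAB\\bob","Image":"C:\\Windows\\System32\\cmd.exe","ParentImage":"C:\\ADK\\WSIM\\imgmgr.exe"}
{"EventID":1,"UtcTime":"2026-03-12 11:30:00","User":"LAB\\alice","Image":"C:\\Windows\\notepad.exe","ParentImage":"C:\\ADK\\WSIM\\imgmgr.exe"}
"""

def basename(path):
    """Last path component, lower-cased, for Windows-style paths."""
    return path.rsplit("\\", 1)[-1].lower()

def parse_events(text):
    return [json.loads(line) for line in text.splitlines() if line.strip()]

def event_time(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S")

def sim_child_shells(events):
    """Pattern 1: SIM is the parent of a shell or scripting host."""
    return [e for e in events if e["EventID"] == 1
            and basename(e.get("ParentImage", "")) == SIM_IMAGE
            and basename(e["Image"]) in SHELLS]

def artifact_then_launch(events, project_dirs, window=WINDOW):
    """Pattern 2: .xml/.clg written under a project directory, then SIM
    launched by the same user within `window`. Returns (file, launch time)."""
    dirs = [d.lower() for d in project_dirs]
    writes = [e for e in events if e["EventID"] == 11
              and e["TargetFilename"].lower().endswith(ARTIFACT_EXT)
              and any(e["TargetFilename"].lower().startswith(d) for d in dirs)]
    launches = [e for e in events if e["EventID"] == 1
                and basename(e["Image"]) == SIM_IMAGE]
    return [(w["TargetFilename"], l["UtcTime"]) for w in writes for l in launches
            if w["User"] == l["User"]
            and timedelta(0) <= event_time(l) - event_time(w) <= window]
```

The notepad.exe record shows the parent check alone is not enough; only the shell list turns it into an alert, and the file/launch correlation is keyed on the same user so unrelated writers do not trigger it.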
Monitoring Recommendations
- Enable Windows command-line and module-load auditing on systems that host the Windows ADK and SIM.
- Forward Sysmon process creation, file creation, and image load events from imaging workstations to a centralized analytics platform.
- Baseline normal SIM usage by team and host, then alert on deviations such as off-hours execution or new operators.
How to Mitigate CVE-2026-25166
Immediate Actions Required
- Apply the Microsoft security update referenced in the MSRC advisory for CVE-2026-25166 to all affected Windows 10, Windows 11, and Windows Server builds.
- Inventory hosts with the Windows ADK and System Image Manager installed and prioritize patching for shared build servers and imaging workstations.
- Restrict interactive logon on imaging systems to administrators responsible for OS deployment.
Patch Information
Microsoft has released fixes through the standard Windows Update channel. Refer to the Microsoft Security Update for CVE-2026-25166 for the specific KB numbers and build versions corresponding to each affected platform.
Workarounds
- Until patches are applied, restrict write access to SIM project directories, distribution shares, and catalog files to trusted administrators only.
- Do not open answer files (unattend.xml) or catalog files received from untrusted users or external sources in System Image Manager.
- Remove the Windows ADK and SIM components from endpoints that do not require image authoring capabilities.
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.