Windows DHCP Client Information Disclosure Vulnerability

Monitor | CVSS 6.8 | CVE-2026-45608 | Jun 9, 2026
Microsoft
IT in OT - Windows Server and Active Directory are widely deployed in OT environments
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Out-of-bounds read vulnerability in Windows DHCP Client allows an authorized attacker with local code execution capability to disclose sensitive information from the DHCP Client service memory. The vulnerability affects Windows 10, Windows 11, Windows Server 2016, 2019, 2022, and 2025. Exploitation is assessed as unlikely. Microsoft has released patches for all affected versions.

What this means
What could happen
An attacker with local access to a Windows system could read sensitive information from the DHCP client service memory, potentially exposing network configuration details or credentials. This is a local information disclosure only and does not directly impact operational processes.
Who's at risk
Windows system administrators managing engineering workstations, HMI systems, and any Windows-based servers in water utilities and electric utilities. This affects Windows 10, Windows 11, and Windows Server 2016, 2019, 2022, and 2025 systems used for monitoring and control.
How it could be exploited
An attacker who can execute code or run commands on the local Windows system could trigger an out-of-bounds read in the DHCP Client service to extract sensitive data from memory. This requires the attacker to already have a foothold on the machine.
Prerequisites
  • Local code execution capability or ability to run commands on the Windows system
  • Access to the affected Windows system (does not require administrator privileges)
  • Windows DHCP Client service must be running
  • Local code execution required
  • Information disclosure only, not direct operational impact
  • Affects widely deployed Windows versions across OT environments
  • Medium severity (CVSS 6.8)
Exploitability
Unlikely to be exploited — EPSS score 0.3%
Affected products (26)
26 with fix
Product | Affected Versions | Fix Status
Windows 10 Version 1809 for 32-bit Systems | All versions | Build 10.0.17763.8880
Windows 10 Version 1809 for x64-based Systems | All versions | Build 10.0.17763.8880
Windows Server 2019 | All versions | Build 10.0.17763.8880
Windows Server 2019 (Server Core installation) | All versions | Build 10.0.17763.8880
Windows Server 2022 | All versions | Build 10.0.20348.5256
Remediation & Mitigation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

Windows Server 2016
  • HOTFIX: Update Windows Server 2016 to Build 10.0.14393.9234 or later
Windows Server 2019
  • HOTFIX: Update Windows Server 2019 to Build 10.0.17763.8880 or later
Windows Server 2022
  • HOTFIX: Update Windows Server 2022 to Build 10.0.20348.5256 or later
Windows Server 2025
  • HOTFIX: Update Windows Server 2025 to Build 10.0.26100.32995 or later
All products
  • HOTFIX: Update Windows 10 Version 1809 to Build 10.0.17763.8880 or later
  • HOTFIX: Update Windows 10 Version 21H2 to Build 10.0.19044.7417 or later
  • HOTFIX: Update Windows 10 Version 22H2 to Build 10.0.19045.7417 or later
  • HOTFIX: Update Windows 10 Version 1607 to Build 10.0.14393.9234 or later
  • HOTFIX: Update Windows 11 to the June 2026 security update for your version
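
To check a host against the fixed builds listed above, the following PowerShell sketch compares the local build and revision with the advisory's minimums and reports whether the DHCP Client service is present. It is an added example, not code from this advisory or from Microsoft; the helper name Test-DhcpClientFix and the status strings are hypothetical, and the build table is copied from the remediation list. Windows 11 returns Unknown because the advisory gives no build number for it.

```powershell
# Minimum fixed revision (UBR) per build number, copied from the advisory's remediation list.
$FixedUbr = @{
    14393 = 9234    # Windows Server 2016, Windows 10 Version 1607
    17763 = 8880    # Windows Server 2019, Windows 10 Version 1809
    19044 = 7417    # Windows 10 Version 21H2
    19045 = 7417    # Windows 10 Version 22H2
    20348 = 5256    # Windows Server 2022
    26100 = 32995   # Windows Server 2025
}

function Test-DhcpClientFix {
    # Hypothetical helper: compares a build/revision pair against the table above.
    param(
        [Parameter(Mandatory)] [int] $Build,
        [Parameter(Mandatory)] [int] $Ubr,
        [string] $InstallationType = 'Server'
    )
    # The advisory lists build 26100 only for Server 2025 and gives no build for
    # Windows 11, so client installs on that build and unlisted builds are Unknown.
    if (-not $FixedUbr.ContainsKey($Build) -or
        ($Build -eq 26100 -and $InstallationType -eq 'Client')) {
        return 'Unknown'
    }
    if ($Ubr -ge $FixedUbr[$Build]) { return 'Patched' }
    return 'NeedsUpdate'
}

# Read the local build, revision and installation type from the registry.
$cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$status = Test-DhcpClientFix -Build ([int]$cv.CurrentBuildNumber) `
                             -Ubr ([int]$cv.UBR) `
                             -InstallationType $cv.InstallationType

# The advisory lists a running DHCP Client service (service name Dhcp) as a prerequisite.
$dhcp = Get-Service -Name Dhcp -ErrorAction SilentlyContinue

[pscustomobject]@{
    Computer    = $env:COMPUTERNAME
    Build       = '10.0.{0}.{1}' -f $cv.CurrentBuildNumber, $cv.UBR
    FixStatus   = $status
    DhcpService = if ($dhcp) { $dhcp.Status } else { 'NotFound' }
}
```

A result of Unknown means the host's build is not in the table and should be checked against the vendor's update guidance for that version.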
API: /api/v1/advisories/1a026029-d231-409d-b6e6-08782c4a197e
