Microsoft · Web Deploy · CVE-2025-53772
**Name of the Vulnerable Software and Affected Versions**
Microsoft IIS Web Deploy versions prior to the August 2025 PatchDay
**Description**
Microsoft Web Deploy unsafely deserializes HTTP header contents, which allows an authenticated attacker to execute code remotely over a network. The vulnerability resides in the `msdeployagentservice` and `msdeploy.axd` endpoints and specifically involves insecure deserialization of GZip- and Base64-encoded headers. Successful exploitation requires only low privileges and no user interaction. A proof-of-concept (PoC) exploit is publicly available.
**Recommendations**
Apply security updates released on or after the August 2025 PatchDay.
Restrict access to the `msdeploy.axd` and `msdeployagentservice` endpoints.
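
To support the second recommendation, the following added example (not part of the original advisory and not Microsoft tooling) audits W3C extended-format web server log lines for requests that reached the two endpoints from outside an approved management network. The allowlisted network, the sample log lines and the function names are constructed assumptions.

```python
import ipaddress

# Endpoint names taken from the advisory; compared case-insensitively per path segment.
ENDPOINTS = ("msdeploy.axd", "msdeployagentservice")
# Assumption: deployment traffic should only originate from this network (constructed value).
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Constructed W3C extended log sample; column order is read from the #Fields line.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip sc-status
2025-08-20 09:14:02 10.20.0.5 POST /msdeploy.axd site=Default 8172 CORP\\deploy 10.20.0.17 200
2025-08-20 09:15:40 10.20.0.5 POST /MSDeploy.axd site=Default 8172 CORP\\jdoe 192.0.2.44 200
2025-08-20 09:16:11 10.20.0.5 GET /index.html - 443 - 192.0.2.44 200
2025-08-20 09:17:55 10.20.0.5 POST /MSDEPLOYAGENTSERVICE - 80 CORP\\svc 198.51.100.9 401
"""

def parse_w3c(text):
    """Yield one dict per request line, keyed by the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))

def is_allowed(client_ip):
    """True only if client_ip parses and falls inside an allowlisted network."""
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False  # an unparseable source address is treated as untrusted
    return any(addr in net for net in ALLOWED_NETS)

def audit(text):
    """Return log records for Web Deploy endpoint requests from outside ALLOWED_NETS."""
    findings = []
    for rec in parse_w3c(text):
        segments = rec.get("cs-uri-stem", "").lower().strip("/").split("/")
        if any(s in ENDPOINTS for s in segments) and not is_allowed(rec.get("c-ip", "")):
            findings.append(rec)
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f["date"], f["time"], f["c-ip"], f["cs-username"], f["cs-uri-stem"], f["sc-status"])
```

Any record returned indicates that the endpoint is reachable from a network that the access restriction should have blocked, regardless of the response status.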