PT-2025-32852 · Microsoft · Web Deploy
Batuhan Er +1 · Published 2025-08-12 · Updated 2026-02-13 · CVE-2025-53772
CVSS v2.0: 9.0 High (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Name of the Vulnerable Software and Affected Versions
Microsoft IIS Web Deploy versions prior to August 2025 PatchDay
Description
An issue exists in Microsoft Web Deploy where unsafe deserialization of HTTP header contents allows an authenticated attacker to execute code remotely. The vulnerability resides in the msdeployagentservice and msdeploy.axd endpoints. Specifically, the vulnerability involves insecure deserialization of GZip and Base64 encoded headers. Successful exploitation requires only low privileges and no user interaction. A proof-of-concept (PoC) exploit is publicly available. The vulnerability allows an authorized attacker to execute code over a network.
Recommendations
Apply security updates released on or after the August 2025 PatchDay.
Restrict access to the msdeploy.axd and msdeployagentservice endpoints.
Fix
RCE
Deserialization of Untrusted Data
Affected Products
Web Deploy