CVE-2026-45602: Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
No cwe for this issue in Windows DHCP Server allows an unauthorized attacker to perform tampering over a network.
Metrics
- CVSS v3.1
- 9.1
- Severity
- CRITICAL
- Fixed in
- 6.2.9200.26132
- Affected Products
- 20
HarborGuard Analysis
Synopsis
An unauthenticated network tampering vulnerability affects the Windows DHCP Server component across multiple Windows 10 and Windows 11 versions. The flaw is reachable over the network without any credentials, and no victim interaction is required to trigger it. Successful exploitation allows an attacker to tamper with DHCP server data, enabling manipulation of network configuration delivered to clients. Patched-image rebuilds at the fix versions are available on HarborGuard for environments running affected Windows versions.
HarborGuard Coverage
Detection of CVE-2026-45602 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of publication, including custom-built Windows-based container images. Any image whose Windows base layer falls within the affected version ranges is flagged automatically during both registry scans and CI/CD pipeline checks.
AvailableHarborGuard scores this vulnerability at CVSS 9.1 (Critical) and makes that scoring available alongside per-environment compliance policy weighting to prioritize alert routing. Triage results are routed to the appropriate team inbox within each customer organization based on configured ownership rules.
AvailablePatched-image rebuilds at the fix versions (10.0.14393.9234, 10.0.17763.8880, 10.0.19044.7417, and the corresponding Windows 11 fix builds) are available on HarborGuard for environments running affected versions. For customers who opt into auto-remediation, a rebuilt image, regression-test run, and a pull request opened against affected workloads are all triggered automatically upon fix availability.
AvailableExploit Conditions
- Network reachabilityRequired
The attacker must reach the DHCP Server service over the network; the vulnerability is exposed to any host with network access to the server.
- AuthenticationNot required
No credentials or account of any privilege level are needed to exploit this vulnerability.
- Victim interactionNot required
Exploitation is fully remote and unsolicited; no user action or social engineering is required.
- Attack complexityDetail
The exploit is reliable and condition-free, requiring no race conditions, memory-layout knowledge, or other environmental factors.
Blast Radius
- An attacker can modify DHCP lease responses, redirecting network clients to attacker-controlled gateways or DNS servers.
- Manipulated DHCP responses allow traffic interception or redirection for any client that receives a poisoned lease.
- Confidentiality of data in transit for affected clients is compromised because routing can be silently altered without client awareness.
How HarborGuard Handles This
Available on HarborGuard: detection for CVE-2026-45602 is active across scanning pipelines and matches any Windows-based image falling within the affected version ranges. For customers who opt into auto-remediation, a patched rebuild at the appropriate fix version is triggered automatically, followed by a regression-test run and a PR opened against affected workloads. The median time from CVE publication to merged patch PR for critical-severity issues is around 90 minutes for environments with auto-remediation enabled. Where compliance policy requires manual approval, the rebuilt image and test results are queued for reviewer action. Given the unauthenticated, network-reachable nature of this flaw, customers not yet on a patched base layer should consider isolating DHCP server containers behind network policy rules that restrict inbound access to trusted subnets as a compensating control until the patched image is deployed.
Fix available
- Microsoft / Windows 10 Version 1607< 10.0.14393.9234 (from 10.0.14393.0)
- Microsoft / Windows 10 Version 1809< 10.0.17763.8880 (from 10.0.17763.0)
- Microsoft / Windows 10 Version 21H2< 10.0.19044.7417 (from 10.0.19044.0)
- Microsoft / Windows 10 Version 22H2< 10.0.19045.7417 (from 10.0.19045.0)
- Microsoft / Windows 11 version 23H2< 10.0.22631.7219 (from 10.0.22631.0)
- Microsoft / Windows 11 Version 23H2< 10.0.22631.7219 (from 10.0.22631.0)
- Microsoft / Windows 11 Version 24H2< 10.0.26100.8655 (from 10.0.26100.0)
- Microsoft / Windows 11 Version 25H2< 10.0.26200.8655 (from 10.0.26200.0)
- Microsoft / Windows 11 version 26H1< 10.0.28000.2269 (from 10.0.28000.0)
- Microsoft / Windows Server 2012< 6.2.9200.26132 (from 6.2.9200.0)
- Microsoft / Windows Server 2012 (Server Core installation)< 6.2.9200.26132 (from 6.2.9200.0)
- Microsoft / Windows Server 2012 R2< 6.3.9600.23228 (from 6.3.9600.0)
- Microsoft / Windows Server 2012 R2 (Server Core installation)< 6.3.9600.23228 (from 6.3.9600.0)
- Microsoft / Windows Server 2016< 10.0.14393.9234 (from 10.0.14393.0)
- Microsoft / Windows Server 2016 (Server Core installation)< 10.0.14393.9234 (from 10.0.14393.0)
- Microsoft / Windows Server 2019< 10.0.17763.8880 (from 10.0.17763.0)
- Microsoft / Windows Server 2019 (Server Core installation)< 10.0.17763.8880 (from 10.0.17763.0)
- Microsoft / Windows Server 2022< 10.0.20348.5256 (from 10.0.20348.0)
- Microsoft / Windows Server 2025< 10.0.26100.32995 (from 10.0.26100.0)
- Microsoft / Windows Server 2025 (Server Core installation)< 10.0.26100.32995 (from 10.0.26100.0)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C