Primary

Context

Microsoft Windows Admin Center Elevation of Privilege Vulnerability

Vulnerability

Patched

A vulnerability allowing improper verification of cryptographic signatures has been identified in Windows Admin Center. This issue enables an authorized attacker to locally elevate privileges on affected systems. The vulnerability arises from a flaw in how cryptographic signatures are verified, potentially allowing attackers to manipulate permissions or access rights.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing an attacker to gain local administrative rights on machines managed by Windows Admin Center within a tenant.

Remediation

Users can update Windows Admin Center in the Azure Portal by accessing the 'AdminCenter' extension on their virtual machine. If automatic upgrades are not enabled, the update can be manually installed through the Azure Portal.

Added: Jan 13, 2026, 6:59 PM

Updated: Jan 13, 2026, 6:59 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

3.0

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

7.5

exploitability

3.0

remediation

7.7

relevance

2.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Windows Admin Center Elevation of Privilege Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft Windows Admin Center

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating