Lucene search
K
MicrosoftWindows Admin Center

12 matches found

CVE
CVE
added 2023/07/11 5:3 p.m.175 views

CVE-2023-29347

CVE-2023-29347 is a Windows Admin Center spoofing vulnerability. Connected sources identify affected software as Windows Admin Center with remote spoofing potential that can bypass UI security features, potentially enabling impersonation. Public CVSS metrics in the entry show a high impact (base ...

8.7CVSS7.4AI score0.01665EPSS
CVE
CVE
added 2025/04/08 5:24 p.m.122 views

CVE-2025-29819

CVE-2025-29819 affects Windows Admin Center in Azure Portal. The vulnerability is an information disclosure due to external control of a file name or path, enabling a local attacker to disclose potentially sensitive information. Root cause is described as improper handling of file paths/name inpu...

6.2CVSS6.8AI score0.00838EPSS
CVE
CVE
added 2021/03/11 3:49 p.m.100 views

CVE-2021-27066

Summary: CVE-2021-27066 is a security feature bypass in Windows Admin Center. The connected data confirms the affected product is Windows Admin Center and the vulnerability is described as a bypass of security features. The NVD/NVD-derived metrics show a CVSS v3.1 base score of 4.3 (NETWORK, LOW ...

4.3CVSS4.5AI score0.02833EPSS
CVE
CVE
added 2019/04/09 8:16 p.m.99 views

CVE-2019-0813

CVE-2019-0813 is a Windows Admin Center elevation of privilege vulnerability revealed across multiple vendors/feeds. It arises when Windows Admin Center improperly impersonates operations, enabling an attacker with unprivileged access to gain elevated privileges. Remediation is via the March 2019...

9.8CVSS9.1AI score0.03537EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.34 views

CVE-2026-20965

CVE-2026-20965 affects Windows Admin Center. The underlying issue is improper verification of cryptographic signatures, enabling an authorized local attacker to elevate privileges. CVSS v3.1 base score 7.5 (ATT&CK not explicitly cited in the documents). The vulnerability requires local access, hi...

7.5CVSS6.5AI score0.00209EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.31 views

CVE-2026-35438

Windows Admin Center (CVE-2026-35438) has a missing authorization flaw that enables an attacker with network access and low privileges to elevate to higher privileges, potentially compromising confidentiality, integrity, and availability. The available documents identify the affected product and ...

8.3CVSS5.8AI score0.00558EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.27 views

CVE-2026-41086

Technical details about CVE-2026-41086 are not publicly available in the provided documents. Monitor for updates from official sources.

8.8CVSS5.8AI score0.00427EPSS
CVE
CVE
added 2025/12/11 6:6 p.m.24 views

CVE-2025-64669

CVE-2025-64669 is an elevation-of-privilege in Windows Admin Center caused by improper access control. Connected sources describe exploitable paths via insecure directory permissions and TOCTOU/DLL-hijacking vectors, with two main exploit routes affecting Windows Admin Center components and updat...

7.8CVSS6.5AI score0.00382EPSS
CVE
CVE
added 2026/05/20 1:9 p.m.23 views

CVE-2026-42834

CVE-2026-42834 describes an elevation-of-privilege vulnerability in Windows Admin Center within Azure Portal caused by improper link resolution before file access ("link following"). An authorized attacker could exploit this locally to gain higher privileges on the affected system. Affected compo...

7.8CVSS5.8AI score0.00408EPSS
CVE
CVE
added 2026/02/17 10:56 p.m.20 views

CVE-2026-26119

CVE-2026-26119 describes an elevation-of-privilege issue in Windows Admin Center due to improper authentication. The vulnerability enables an authorized attacker to elevate privileges over the network with network access, low attack complexity, and no user interaction required. The impact is rate...

8.8CVSS5.5AI score0.00803EPSS
CVE
CVE
added 2026/03/10 5:4 p.m.19 views

CVE-2026-23660

CVE-2026-23660 concerns Windows Admin Center in the Azure Portal with an Elevation of Privilege vulnerability. Attack vector is local, requiring LOW privileges with no user interaction, and the impact is HIGH on confidentiality, integrity, and availability. The base score is 7.8 (CVSS 3.1). The e...

7.8CVSS5.8AI score0.00308EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.16 views

CVE-2026-32196

CVE-2026-32196 is a Windows Admin Center spoofing vulnerability. The CVSSv3.1 base score is 6.1 (Medium) with network as the attack vector, low attack complexity, no privileges required, and user interaction needed. The scope is changed, with low impacts to confidentiality and integrity and no im...

6.1CVSS5.8AI score0.00293EPSS