12 matches found
CVE-2023-29347
CVE-2023-29347 is a Windows Admin Center spoofing vulnerability. Connected sources identify affected software as Windows Admin Center with remote spoofing potential that can bypass UI security features, potentially enabling impersonation. Public CVSS metrics in the entry show a high impact (base ...
CVE-2025-29819
CVE-2025-29819 affects Windows Admin Center in Azure Portal. The vulnerability is an information disclosure due to external control of a file name or path, enabling a local attacker to disclose potentially sensitive information. Root cause is described as improper handling of file paths/name inpu...
CVE-2021-27066
Summary: CVE-2021-27066 is a security feature bypass in Windows Admin Center. The connected data confirms the affected product is Windows Admin Center and the vulnerability is described as a bypass of security features. The NVD/NVD-derived metrics show a CVSS v3.1 base score of 4.3 (NETWORK, LOW ...
CVE-2019-0813
CVE-2019-0813 is a Windows Admin Center elevation of privilege vulnerability revealed across multiple vendors/feeds. It arises when Windows Admin Center improperly impersonates operations, enabling an attacker with unprivileged access to gain elevated privileges. Remediation is via the March 2019...
CVE-2026-20965
CVE-2026-20965 affects Windows Admin Center. The underlying issue is improper verification of cryptographic signatures, enabling an authorized local attacker to elevate privileges. CVSS v3.1 base score 7.5 (ATT&CK not explicitly cited in the documents). The vulnerability requires local access, hi...
CVE-2026-35438
Windows Admin Center (CVE-2026-35438) has a missing authorization flaw that enables an attacker with network access and low privileges to elevate to higher privileges, potentially compromising confidentiality, integrity, and availability. The available documents identify the affected product and ...
CVE-2026-41086
Technical details about CVE-2026-41086 are not publicly available in the provided documents. Monitor for updates from official sources.
CVE-2025-64669
CVE-2025-64669 is an elevation-of-privilege in Windows Admin Center caused by improper access control. Connected sources describe exploitable paths via insecure directory permissions and TOCTOU/DLL-hijacking vectors, with two main exploit routes affecting Windows Admin Center components and updat...
CVE-2026-42834
CVE-2026-42834 describes an elevation-of-privilege vulnerability in Windows Admin Center within Azure Portal caused by improper link resolution before file access ("link following"). An authorized attacker could exploit this locally to gain higher privileges on the affected system. Affected compo...
CVE-2026-26119
CVE-2026-26119 describes an elevation-of-privilege issue in Windows Admin Center due to improper authentication. The vulnerability enables an authorized attacker to elevate privileges over the network with network access, low attack complexity, and no user interaction required. The impact is rate...
CVE-2026-23660
CVE-2026-23660 concerns Windows Admin Center in the Azure Portal with an Elevation of Privilege vulnerability. Attack vector is local, requiring LOW privileges with no user interaction, and the impact is HIGH on confidentiality, integrity, and availability. The base score is 7.8 (CVSS 3.1). The e...
CVE-2026-32196
CVE-2026-32196 is a Windows Admin Center spoofing vulnerability. The CVSSv3.1 base score is 6.1 (Medium) with network as the attack vector, low attack complexity, no privileges required, and user interaction needed. The scope is changed, with low impacts to confidentiality and integrity and no im...