—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Privilege Escalation Vulnerability in Microsoft Windows Admin Center

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Microsoft Windows Admin Center

Overview

A vulnerability has been reported in Microsoft Windows Admin Center, which could be exploited by an attacker to escalate privileges on the targeted system.

Target Audience:

All end-user organizations and individuals using Microsoft Windows Admin Center.

Impact Assessment:

Potential for Privilege Elevation.

Description

Microsoft Windows Admin Center is a browser-based management platform used to administer Windows servers, clusters, and infrastructure environments.

A vulnerability exists in Microsoft Windows Admin Center due to improper authentication, which allows an authorized attacker to exploit insufficient validation of authentication mechanisms, enabling local privilege escalation on the affected system.

Successful exploitation of this vulnerability could allow an authorized attacker to bypass security restrictions and gain elevated privileges on the targeted system.

Solution

 

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119

References

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119

CVE Name

CVE-2026-26119

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmfDqAACgkQ3jCgcSdc

ys+VjQ//U4viqfvRojy356I995v0mVPs5t5JUKayyQIK9CKu1JwBAYlsjG0sXx4z

lJTBYECdqOPjxEALLaWMY83bHxi5ivkoNAcGSHHUAld65+tCSH6D38EvGehPXxka

J8fqIl6JB+qjiT1XaLJMYXKnTn9Uv8VdMuhoHnQxymsc3G3by+nF2nbwzfNe6piR

k5C79xsHgJLi26NlY2sOAb85S+La2ZLyuMn26JGzClPlRBU+mHwDQZghIV7rzcYp

7UcoUdnxx51x1km4/4viyCYXXgwTja+wQyB38QoK7+myPg/DbYAbhXGBELCLOGdv

KsUwg3Dlj1ORfntxLxMSXtHrRov8BQmi5GNY0L6PxVFzAqiAmG7a5P6vC2JlOepX

jFMkiJdwh6Kuw36UHeyHhylJOswINd3aOtLSq5DT7errw3YIqO/RSgd7HbdtVLQU

ngdn6vvqaIOCAj8WcVUOO1ox/1UcvmAETxwkFDv3xmQFmUPbfcrfP5Lj4+scKf6r

hPId5OWZpWM1bDtfmI9HP7EnWvlsDJV5rwrfS7LmCrPqOmxX2P8/EqqIK55Xm2wF

XKxGbzwskq+uGlA06hspyW57Sr7jTcTwRpHtEfs5g/yZw9lLLhFnGrGKTNcSdLrq

wjQ/PWql7PBY2QhtWBH2p0DadTr0vf7RHAiU74K3z8q1uA0/zZo=

=w/jP

—–END PGP SIGNATURE—–