Description
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Published: 2026-01-13
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Patch Now
AI Analysis

Impact

Windows Admin Center contains an improper verification of cryptographic signatures, which allows an attacker with existing local authorization to elevate their privileges on the affected system. The flaw can be exploited by providing a maliciously signed component that bypasses the intended integrity check, granting the attacker higher permissions without valid endorsement.

Affected Systems

Microsoft Windows Admin Center deployed through the Azure Portal is affected. Specific versions are not listed, so all installations of Windows Admin Center should be reviewed for the presence of the vulnerability until a patch is applied.

Risk and Exploitability

The vulnerability has a CVSS score of 7.5, indicating a high severity level of privilege escalation. The EPSS score is below 1%, suggesting a low exploitation probability at this time. It is not in the CISA KEV catalog. The likely attack vector requires that the attacker already has local authorized access to the machine running Windows Admin Center, which limits the scope but still poses a serious threat in environments where local admin rights are lax or shared.

Generated by OpenCVE AI on April 16, 2026 at 08:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Windows Admin Center security update released by Microsoft that corrects the signature verification flaw.
  • Enforce least‑privilege by removing or restricting local administrative rights for users who do not need them to operate Windows Admin Center.
  • Enable audit logging for privilege‑related actions within Windows Admin Center and regularly review logs for anomalous activity.

Generated by OpenCVE AI on April 16, 2026 at 08:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 16 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 16 Jan 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows Admin Center
CPEs cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:azure:*:*
Vendors & Products Microsoft windows Admin Center

Tue, 13 Jan 2026 18:15:00 +0000

Type Values Removed Values Added
Description Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Title Windows Admin Center Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft azure Portal Windows Admin Center
Weaknesses CWE-347
CPEs cpe:2.3:a:microsoft:azure_portal_windows_admin_center:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft azure Portal Windows Admin Center
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Azure Portal Windows Admin Center Windows Admin Center
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-04-01T13:48:15.844Z

Reserved: 2025-12-04T20:04:16.341Z

Link: CVE-2026-20965

cve-icon Vulnrichment

Updated: 2026-01-13T19:41:05.445Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-13T18:16:24.417

Modified: 2026-01-16T16:23:11.237

Link: CVE-2026-20965

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T08:45:26Z

Weaknesses