Windows Admin Center
Monthly
Authenticated remote code execution in Microsoft Windows Admin Center (CWE-77) lets an attacker with low-privilege access inject and run arbitrary commands over the network, yielding full confidentiality, integrity, and availability compromise (CVSS 8.8). Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Remote code execution in Microsoft Windows Admin Center allows an authenticated attacker to run arbitrary code over the network by exploiting a relative path traversal (CWE-23) flaw. Any user holding valid low-privilege credentials to the WAC gateway can leverage the traversal to break out of the intended file path and achieve full compromise (confidentiality, integrity, and availability impact all High). Microsoft has published a patch via MSRC; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local privilege-to-code-execution in Microsoft Windows Admin Center lets an already-authenticated, lower-privileged user abuse an improper authorization check (CWE-285) to run arbitrary code on the host where the management tool is installed. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, it requires local access and existing low-level privileges rather than remote unauthenticated reach. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a fix via the MSRC update guide.
Local privilege escalation in Microsoft Windows Admin Center allows an already-authenticated, low-privileged attacker to elevate to higher privileges by abusing an improper authentication weakness (CWE-287). Any host running the management tool is affected, and successful exploitation yields full confidentiality, integrity, and availability impact on the local system. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.
Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.
Privilege elevation in Microsoft Windows Admin Center allows an already-authenticated (low-privileged) network attacker to bypass improper authentication controls and gain higher privileges, exposing high-value confidentiality and integrity impact. Rated CVSS 8.1 with low attack complexity and no user interaction, the flaw is remotely reachable but requires an existing authorized session. No public exploit identified at time of analysis; Microsoft has released a fix via the MSRC update guide.
Windows Admin Center in Azure Portal contains an access control flaw that enables local authenticated users to escalate their privileges. An attacker with valid credentials can exploit this vulnerability to gain elevated permissions on the system. No patch is currently available for this issue.
Windows Admin Center's authentication mechanism can be bypassed by authenticated network users to gain elevated privileges on affected Windows systems. An attacker with valid credentials could exploit this weakness to escalate their access level without additional user interaction. A patch is available to remediate this high-severity vulnerability.
Windows Admin Center fails to properly validate cryptographic signatures, enabling high-privileged users to bypass security controls and gain elevated system access on local machines. This vulnerability affects both Windows and Windows Admin Center installations and requires an authenticated attacker with administrative credentials to exploit. No patch is currently available for this issue.
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Admin Center Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Windows Admin Center Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Authenticated remote code execution in Microsoft Windows Admin Center (CWE-77) lets an attacker with low-privilege access inject and run arbitrary commands over the network, yielding full confidentiality, integrity, and availability compromise (CVSS 8.8). Microsoft has released a patch; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.
Remote code execution in Microsoft Windows Admin Center allows an authenticated attacker to run arbitrary code over the network by exploiting a relative path traversal (CWE-23) flaw. Any user holding valid low-privilege credentials to the WAC gateway can leverage the traversal to break out of the intended file path and achieve full compromise (confidentiality, integrity, and availability impact all High). Microsoft has published a patch via MSRC; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.
Local privilege-to-code-execution in Microsoft Windows Admin Center lets an already-authenticated, lower-privileged user abuse an improper authorization check (CWE-285) to run arbitrary code on the host where the management tool is installed. Rated CVSS 7.8 with high confidentiality, integrity, and availability impact, it requires local access and existing low-level privileges rather than remote unauthenticated reach. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but Microsoft has released a fix via the MSRC update guide.
Local privilege escalation in Microsoft Windows Admin Center allows an already-authenticated, low-privileged attacker to elevate to higher privileges by abusing an improper authentication weakness (CWE-287). Any host running the management tool is affected, and successful exploitation yields full confidentiality, integrity, and availability impact on the local system. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.
Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.
Privilege elevation in Microsoft Windows Admin Center allows an already-authenticated (low-privileged) network attacker to bypass improper authentication controls and gain higher privileges, exposing high-value confidentiality and integrity impact. Rated CVSS 8.1 with low attack complexity and no user interaction, the flaw is remotely reachable but requires an existing authorized session. No public exploit identified at time of analysis; Microsoft has released a fix via the MSRC update guide.
Windows Admin Center in Azure Portal contains an access control flaw that enables local authenticated users to escalate their privileges. An attacker with valid credentials can exploit this vulnerability to gain elevated permissions on the system. No patch is currently available for this issue.
Windows Admin Center's authentication mechanism can be bypassed by authenticated network users to gain elevated privileges on affected Windows systems. An attacker with valid credentials could exploit this weakness to escalate their access level without additional user interaction. A patch is available to remediate this high-severity vulnerability.
Windows Admin Center fails to properly validate cryptographic signatures, enabling high-privileged users to bypass security controls and gain elevated system access on local machines. This vulnerability affects both Windows and Windows Admin Center installations and requires an authenticated attacker with administrative credentials to exploit. No patch is currently available for this issue.
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Windows Admin Center Spoofing Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Windows Admin Center Security Feature Bypass Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.