CVE-2026-41086
Microsoft · Windows Admin Center
An improper access control vulnerability in Windows Admin Center in Azure Portal allows an authenticated attacker to perform unauthorized privilege escalation.
Executive summary
A critical privilege escalation vulnerability in Microsoft Windows Admin Center allows authenticated attackers to gain unauthorized elevated access.
Vulnerability
The flaw is rooted in improper access control (CWE-284), which permits an authenticated user with low-level privileges to escalate their permissions to a higher level within the environment.
Business impact
Exploitation of this vulnerability allows an attacker to bypass standard security boundaries, potentially leading to full administrative control over the affected management interface. Given the CVSS score of 8.8, this poses a significant risk to the integrity and confidentiality of the management infrastructure.
Remediation
Immediate Action: Apply the vendor security update to upgrade Windows Admin Center to version 0.76.0.0 or higher.
Proactive Monitoring: Monitor management logs for unauthorized access attempts or suspicious elevation of privilege events associated with standard user accounts.
Compensating Controls: Implement strict access control lists (ACLs) and restrict network access to the Windows Admin Center interface to authorized management subnets only.
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Organizations must prioritize patching this privilege escalation vulnerability to prevent internal threats or compromised accounts from gaining excessive system control. Apply the latest updates to Windows Admin Center immediately to mitigate the risk.