Microsoft: >> Windows Admin Center >> 1807 Security Vulnerabilities
Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.3
EPSS Score
0.001
Published
2026-05-12
Improper neutralization of input during web page generation ('cross-site scripting') in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
6.1
EPSS Score
0.001
Published
2026-04-14
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-02-17
Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges locally.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-11
External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally.
CVSS Score
6.2
EPSS Score
0.004
Published
2025-04-08
Windows Admin Center Spoofing Vulnerability
CVSS Score
8.7
EPSS Score
0.004
Published
2023-07-11
An elevation of privilege vulnerability exists when Windows Admin Center improperly impersonates operations in certain situations, aka 'Windows Admin Center Elevation of Privilege Vulnerability'.
CVSS Score
9.8
EPSS Score
0.107
Published
2019-04-09