{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23660", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-01-14T16:59:33.463Z", "datePublished": "2026-03-10T17:04:33.270Z", "dateUpdated": "2026-04-14T16:35:27.660Z"}, "containers": {"cna": {"title": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability", "datePublic": "2026-03-10T14:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:azure_portal_windows_admin_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "1.0", "versionEndExcluding": "2.6.4"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows Admin Center in Azure Portal", "versions": [{"version": "1.0", "lessThan": "2.6.4", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-284: Improper Access Control", "lang": "en-US", "type": "CWE", "cweId": "CWE-284"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:35:27.660Z"}, "references": [{"name": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23660", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T03:56:23.421373Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:08:18.667Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23660", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-11T03:56:23.421373Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-11T13:02:43.899Z"}}], "cna": {"title": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows Admin Center in Azure Portal", "versions": [{"status": "affected", "version": "1.0", "lessThan": "2.6.4", "versionType": "custom"}]}], "datePublic": "2026-03-10T14:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660", "name": "Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284: Improper Access Control"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:azure_portal_windows_admin_center:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.6.4", "versionStartIncluding": "1.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-04-14T16:35:27.660Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23660", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:35:27.660Z", "dateReserved": "2026-01-14T16:59:33.463Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-03-10T17:04:33.270Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:azure:*:*", "matchCriteriaId": "438C3FDA-B710-4AD1-A1E2-97E7D8E07F3C", "versionEndExcluding": "2.6.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally."}, {"lang": "es", "value": "Control de acceso inadecuado en Azure Portal Windows Admin Center permite a un atacante autorizado elevar privilegios localmente."}], "id": "CVE-2026-23660", "lastModified": "2026-03-18T17:39:18.910", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-03-10T18:18:14.060", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "secure@microsoft.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "azure_portal_windows_admin_center", "vendor": "microsoft"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1.0,2.6.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Windows Admin Center in Azure Portal", "source": "cna", "vendor": "Microsoft"}, "product": "windows_admin_center_in_azure_portal", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-03-18T18:27:39.895176+00:00", "value": {"mitigation_remediation": ["Check the Microsoft update guide for CVE\u20112026\u201123660 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660) and apply the latest Windows Admin Center update for Azure Portal. ", "Restrict privileged access to the Azure Portal and Windows Admin Center to only users who require such permissions. ", "Verify that the access control settings for the Admin Center environment comply with least\u2011privilege principles and are correctly configured to prevent unauthorized elevation. "], "summary": {"action": "Immediate Patch", "impact": "Local Privilege Escalation"}, "threat_synthesis": {"affected_systems": "The affected product is Microsoft Windows Admin Center as accessed through the Azure Portal. Specific affected versions are not listed in the provided data. The Common Platform Enumeration strings indicate the Azure Portal Windows Admin Center and Windows Admin Center products across all versions.", "description_and_impact": "The vulnerability is an improper access control flaw in the Azure Portal implementation of Windows Admin Center that enables an attacker who already has authorized access to elevate their privileges locally. The flaw leads to a local privilege escalation, potentially granting the attacker administrative rights on the system where the Admin Center is running. This weakness aligns with CWE\u2011284 (Improper Access Control).", "risk_and_exploitability": "The CVSS score of 7.8 indicates a high severity of the vulnerability, while the EPSS score of less than 1% suggests a low probability of exploitation currently. The vulnerability is not present in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the likely attack vector is an authorized user within the Azure Portal who can exploit the improper access control to gain elevated local privileges. No additional exploitation prerequisites are stated in the available information."}}}}, "created": "2026-03-11T11:47:00.631555+00:00", "updated": "2026-03-20T14:31:47.169138+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$azure_portal_windows_admin_center", "microsoft$PRODUCT$windows_admin_center_in_azure_portal"]}