{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-26119", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "state": "PUBLISHED", "assignerShortName": "microsoft", "dateReserved": "2026-02-11T15:52:13.911Z", "datePublished": "2026-02-17T22:56:03.973Z", "dateUpdated": "2026-05-11T21:25:51.080Z"}, "containers": {"cna": {"title": "Windows Admin Center Elevation of Privilege Vulnerability", "datePublic": "2026-02-17T16:00:00.000Z", "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:*:*:*", "versionStartIncluding": "1809.0", "versionEndExcluding": "2.6.4"}]}]}], "affected": [{"vendor": "Microsoft", "product": "Windows Admin Center", "versions": [{"version": "1809.0", "lessThan": "2.6.4", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "CWE-287: Improper Authentication", "lang": "en-US", "type": "CWE", "cweId": "CWE-287"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-11T21:25:51.080Z"}, "references": [{"name": "Windows Admin Center Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26119", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-19T04:55:36.885249Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T14:44:18.458Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-26119", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-19T04:55:36.885249Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T14:46:28.955Z"}}], "cna": {"title": "Windows Admin Center Elevation of Privilege Vulnerability", "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Microsoft", "product": "Windows Admin Center", "versions": [{"status": "affected", "version": "1809.0", "lessThan": "2.6.4", "versionType": "custom"}]}], "datePublic": "2026-02-17T16:00:00.000Z", "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119", "name": "Windows Admin Center Elevation of Privilege Vulnerability", "tags": ["vendor-advisory", "patch"]}], "descriptions": [{"lang": "en-US", "value": "Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.6.4", "versionStartIncluding": "1809.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2026-05-11T18:10:33.702Z"}}}, "cveMetadata": {"cveId": "CVE-2026-26119", "state": "PUBLISHED", "dateUpdated": "2026-05-11T18:10:33.702Z", "dateReserved": "2026-02-11T15:52:13.911Z", "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "datePublished": "2026-02-17T22:56:03.973Z", "assignerShortName": "microsoft"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E6B16F7-D308-4FCC-B230-6AFFB020AFE4", "versionEndExcluding": "2511", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network."}, {"lang": "es", "value": "Autenticaci\u00f3n incorrecta en Windows Admin Center permite a un atacante autorizado escalar privilegios a trav\u00e9s de una red."}], "id": "CVE-2026-26119", "lastModified": "2026-02-19T13:10:49.550", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "secure@microsoft.com", "type": "Primary"}]}, "published": "2026-02-17T23:16:22.880", "references": [{"source": "secure@microsoft.com", "tags": ["Vendor Advisory", "Patch"], "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26119"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "secure@microsoft.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[1809.0,2.6.4)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Windows Admin Center", "source": "cna", "vendor": "Microsoft"}, "product": "windows_admin_center", "vendor": "microsoft"}], "analysis": {"en": {"generated_at": "2026-04-15T15:49:46.801352+00:00", "value": {"mitigation_remediation": ["Apply the latest available update for Microsoft Windows Admin Center from the Microsoft Security Advisory website.", "Limit network exposure of Windows Admin Center by placing it behind a firewall and restricting access to trusted hosts only.", "Configure role\u2011based access and enforce multi\u2011factor authentication to reduce the impact of any authenticated attacker."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "Microsoft Windows Admin Center is affected. No specific product releases or version numbers are listed in the advisory, so all deployments of Windows Admin Center are considered at risk until a patch is applied.", "description_and_impact": "The vulnerability is an authentication bypass that lets a user who has already connected to Windows Admin Center gain higher privileges than intended. The flaw is a lack of proper authority checks (CWE\u2011287) and can allow an attacker to take control over the management workload, potentially modifying configurations or accessing sensitive data. The impact remains within the scope of the system that hosts Windows Admin Center and does not directly expose remote code execution or denial of service.", "risk_and_exploitability": "The CVSS score of 8.8 indicates high severity. EPSS is less than 1%, suggesting low current exploitation probability but still possible. The vulnerability is not listed in CISA\u2019s KEV catalog. An attacker would need authenticated access to the Windows Admin Center portal and could use the flaw to elevate privileges over the network. No complex prerequisites beyond basic authorization are mentioned, implying the risk is significant for any organization running the product on an open or poorly segmented network."}}}}, "created": "2026-02-18T10:33:03.678378+00:00", "updated": "2026-04-15T17:30:10.456921+00:00", "vendors": ["microsoft", "microsoft$PRODUCT$windows_admin_center"]}