Microsoft has disclosed and patched a high-severity privilege escalation vulnerability in Windows Admin Center (WAC), tracked as CVE-2026-26119 with a CVSS score of 8.8.
What is Windows Admin Center?
Windows Admin Center is a locally deployed, browser-based management tool that allows administrators to manage Windows clients, servers, and clusters without relying on cloud connectivity. It’s widely used in enterprise environments for streamlined administration.
The Vulnerability
- Nature of flaw: Improper authentication in WAC allowed an authorized attacker to elevate privileges over a network.
- Impact: The attacker could gain the rights of the user running the affected application, potentially leading to full domain compromise under certain conditions.
- Discovery: Reported by Andrea Pierini of Semperis.
- Patch: Fixed in Windows Admin Center version 2511 (December 2025).
- Risk assessment: Microsoft tagged the flaw as “Exploitation More Likely”, though no exploitation in the wild has been confirmed.
Why It Matters
- High severity: With a CVSS score of 8.8, this vulnerability represents a serious risk in enterprise environments.
- Domain compromise potential: Pierini noted that attackers could escalate from a standard user to full domain compromise, making this a critical escalation vector.
- Supply chain implications: WAC is often deployed across multiple servers and clusters, meaning exploitation could ripple across infrastructure.
Defensive Recommendations
- Update immediately: Ensure Windows Admin Center is upgraded to version 2511 or later.
- Audit access: Review user roles and permissions in WAC to minimize exposure.
- Monitor logs: Watch for unusual authentication attempts or privilege escalations.
- Apply layered defenses: Combine WAC patching with broader Active Directory hardening and MFA enforcement.
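One way to carry out the "Update immediately" check on a gateway host, as an added example that is not Microsoft's or the original article's code. It assumes the installer registers a dotted `DisplayVersion` under the standard uninstall registry keys; the function names are hypothetical, and the fixed build number is a placeholder because the article names only release 2511.

```powershell
# Added example: classify Windows Admin Center installs against a fixed build.
function Get-WacInstall {
    # Standard per-machine uninstall keys (64-bit and 32-bit registry views).
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Windows Admin Center*' } |
        Select-Object DisplayName, DisplayVersion
}

function Test-WacPatched {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Install,
        [Parameter(Mandatory)] [version] $FixedBuild
    )
    process {
        $parsed = $null
        $ok = [version]::TryParse([string]$Install.DisplayVersion, [ref]$parsed)
        # An unparseable version is reported as Unknown, never as patched.
        if (-not $ok) { $status = 'Unknown' }
        elseif ($parsed -ge $FixedBuild) { $status = 'Patched' }
        else { $status = 'Vulnerable' }
        [pscustomobject]@{
            Computer = $env:COMPUTERNAME
            Product  = $Install.DisplayName
            Version  = $Install.DisplayVersion
            Status   = $status
        }
    }
}

# Constructed sample entries and a constructed threshold, to exercise the logic
# on a machine without WAC installed. These are not real WAC build numbers.
$sample = @(
    [pscustomobject]@{ DisplayName = 'Windows Admin Center'; DisplayVersion = '1.0.0.0' },
    [pscustomobject]@{ DisplayName = 'Windows Admin Center'; DisplayVersion = '3.0.0.0' },
    [pscustomobject]@{ DisplayName = 'Windows Admin Center'; DisplayVersion = 'n/a' }
)
$sample | Test-WacPatched -FixedBuild '2.0.0.0'   # Vulnerable, Patched, Unknown

# Real check on this host. Replace the placeholder with the build number that
# Microsoft's advisory lists for release 2511 before running:
# Get-WacInstall | Test-WacPatched -FixedBuild '<FIXED_BUILD_FROM_ADVISORY>'
```

Treat any `Unknown` result as unpatched until the version is confirmed by hand.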
Final Thought
CVE-2026-26119 is a reminder that administration tools are prime targets for attackers. While Microsoft’s patch closes the immediate gap, organizations must remain vigilant—because privilege escalation flaws can quickly turn into full-scale domain compromises if left unchecked.