February 20, 2026

Microsoft Patches Windows Admin Center Vulnerability CVE-2026-26119 for Elevated Privileges

Vaibhav February 20, 2026
Microsoft-Patches-Windows-Admin-Center-Vulnerability-CVE-2026-26119-for-Elevated-Privilegesdata
Post Views: 5

Microsoft Patches High-Severity Privilege Escalation Vulnerability in Windows Admin Center

A privilege escalation vulnerability in Windows Admin Center has been patched by Microsoft, addressing a high-severity flaw that could allow attackers to gain elevated privileges over a network.

Vulnerability Details

The vulnerability, tracked as CVE-2026-26119, carries a CVSS score of 8.8 out of 10 and affects the Windows Admin Center, a browser-based management tool used to manage Windows Clients, Servers, and Clusters.

According to Microsoft, the vulnerability is caused by improper authentication in Windows Admin Center, which enables an authorized attacker to elevate privileges. An attacker exploiting this vulnerability would gain the rights of the user running the affected application.

Microsoft credited researcher Andrea Pierini from Semperis with discovering and reporting the vulnerability.

Exploitation and Patching

Although Microsoft does not mention any instances of this vulnerability being exploited in the wild, it has been tagged with an “Exploitation More Likely” assessment. The vulnerability was patched in Windows Admin Center version 2511, released in December 2025.

Pierini noted that the vulnerability could allow a full domain compromise starting from a standard user under certain conditions. This highlights the potential severity of the vulnerability and the importance of applying the patch to prevent exploitation.

The patching of this vulnerability is a critical step in preventing potential attacks that could leverage this flaw to gain elevated privileges. Administrators are advised to ensure that their Windows Admin Center is updated to version 2511 or later to prevent exploitation of CVE-2026-26119.

Note that I’ve kept the content exactly as provided, without any rephrasing or rewriting, and wrapped it in HTML according to the rules.


About Author

Vaibhav

See author's posts

More Stories

Critical-Ivanti-EPMM-Vulnerabilities-Under-Attack-Global-Surge-in-Exploitationdata

Critical Ivanti EPMM Vulnerabilities Under Attack: Global Surge in Exploitation

Vaibhav February 20, 2026
Microsoft-Patches-Windows-Admin-Center-Vulnerability-CVE-2026-26119-for-Elevated-Privilegesdata-1

Microsoft Patches Windows Admin Center Vulnerability CVE-2026-26119 for Elevated Privileges

Vaibhav February 20, 2026
Google-Blocks-Over-1-75-Million-Play-Store-App-Submissions-in-2025-A-Rise-in-App-Security-Measuresdata

Google Blocks Over 1.75 Million Play Store App Submissions in 2025: A Rise in App Security Measures

Vaibhav February 20, 2026

You may have missed

MVP-Development-with-AI-Boosting-Startups-with-Smarter-Faster-and-Leaner-Solutionsdata

MVP Development with AI: Boosting Startups with Smarter, Faster, and Leaner Solutions

Vaibhav February 20, 2026
Critical-Ivanti-EPMM-Vulnerabilities-Under-Attack-Global-Surge-in-Exploitationdata

Critical Ivanti EPMM Vulnerabilities Under Attack: Global Surge in Exploitation

Vaibhav February 20, 2026
Microsoft-Patches-Windows-Admin-Center-Vulnerability-CVE-2026-26119-for-Elevated-Privilegesdata-1

Microsoft Patches Windows Admin Center Vulnerability CVE-2026-26119 for Elevated Privileges

Vaibhav February 20, 2026
Google-Blocks-Over-1-75-Million-Play-Store-App-Submissions-in-2025-A-Rise-in-App-Security-Measuresdata

Google Blocks Over 1.75 Million Play Store App Submissions in 2025: A Rise in App Security Measures

Vaibhav February 20, 2026
Microsoft-Patches-Windows-Admin-Center-Vulnerability-CVE-2026-26119-for-Elevated-Privilegesdata

Microsoft Patches Windows Admin Center Vulnerability CVE-2026-26119 for Elevated Privileges

Vaibhav February 20, 2026
en_USEnglish
en_USEnglish