Azure Portal Windows Admin Center: Local Privilege Escalation Risk

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

7.8

Azure Portal Windows Admin Center: Local Privilege Escalation Risk

CVE-2026-23660

Summary

An authorized user can gain higher-level access on a local machine running Azure Portal Windows Admin Center, which could let them perform actions they shouldn't be able to do. This could be a concern if your organization uses this tool to manage sensitive systems or data. To mitigate this risk, consider updating to the latest version of Azure Portal Windows Admin Center and ensuring all users follow proper access control protocols.

Original title

Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.

Original description

Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.

nvd CVSS3.1 7.8

Vulnerability type

CWE-284 Improper Access Control

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23660

Published: 10 Mar 2026 · Updated: 14 Mar 2026 · First seen: 11 Mar 2026