CVE-2026-56169
Received Received - Intake

Improper Authentication in Windows Admin Center

Vulnerability report for CVE-2026-56169, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-14

Last updated on: 2026-07-14

Assigner: Microsoft Corporation

Description

Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-14
Last Modified
2026-07-14
Generated
2026-07-14
AI Q&A
2026-07-14
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
microsoft windows_admin_center *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Detection Guidance

The provided context does not include specific detection methods or commands for identifying the vulnerability in Windows Admin Center. Detection typically involves checking the installed version of Windows Admin Center and verifying if it is patched against CVE-2026-56169.

You may refer to Microsoft's official guidance or security tools like Microsoft Defender for Endpoint, which might provide detection capabilities for this vulnerability. Additionally, network monitoring tools could help identify unusual privilege elevation attempts over the network.

Executive Summary

CVE-2026-56169 is an improper authentication vulnerability in Windows Admin Center. It allows an authorized attacker, meaning someone who already has some level of access, to elevate their privileges over a network. This means the attacker can gain higher-level permissions than they should have, potentially taking control of administrative functions.

The vulnerability is classified with a CVSS v3.1 BaseScore of 8.1, indicating a high severity. The vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N shows that the attack can be carried out over a network (AV:N), requires low complexity (AC:L), and needs low privileges (PR:L). It does not require user interaction (UI:N) and can result in high impacts on confidentiality (C:H) and integrity (I:H), but no impact on availability (A:N).

Impact Analysis

If you are using Windows Admin Center, this vulnerability could allow an attacker with authorized access to escalate their privileges. This means they could gain administrative control over the system, potentially leading to the following impacts:

  • Unauthorized access to sensitive data or systems.
  • Modification or deletion of critical system configurations or data.
  • Compromise of other systems or services within the network, as the attacker could use elevated privileges to move laterally.

Since the attack can be carried out over a network, the risk is heightened in environments where Windows Admin Center is accessible remotely or within a shared network.

Compliance Impact

This vulnerability could have significant implications for compliance with standards and regulations, depending on the data and systems involved:

  • GDPR: If the affected system processes or stores personal data of EU citizens, a breach resulting from this vulnerability could lead to unauthorized access or disclosure of personal data. This may violate GDPR requirements for data protection and could result in fines or legal action.
  • HIPAA: For organizations handling protected health information (PHI), this vulnerability could lead to unauthorized access or alteration of PHI. This would violate HIPAA's Security Rule, which requires safeguards to protect the confidentiality, integrity, and availability of PHI.
  • Other standards: Compliance frameworks like ISO 27001, NIST, or PCI DSS require organizations to implement proper access controls and authentication mechanisms. This vulnerability indicates a failure in these controls, potentially leading to non-compliance and increased risk of data breaches.

Organizations should assess the potential impact of this vulnerability on their compliance posture and take corrective actions, such as applying patches or mitigations, to avoid regulatory penalties.

Mitigation Strategies

To mitigate CVE-2026-56169, apply the latest security updates provided by Microsoft for Windows Admin Center. The following steps are recommended:

  • Check for and install the latest patches for Windows Admin Center via Microsoft Update or the Microsoft Update Catalog.
  • Restrict network access to Windows Admin Center to trusted users and systems only, using firewalls or network segmentation.
  • Monitor for suspicious activity, such as unauthorized privilege elevation attempts, using security tools like Microsoft Defender for Identity or SIEM solutions.
  • Review and enforce least-privilege access controls for users with access to Windows Admin Center.

For detailed instructions, refer to the official Microsoft security update guide linked in Resource 1.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56169. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart