Jan 2026: Windows Admin Center Elevation of Privilege Vulnerability
CVE-2026-20965 Published on January 13, 2026
Windows Admin Center Elevation of Privilege Vulnerability
Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.
Weakness Type
Improper Verification of Cryptographic Signature
The software does not verify, or incorrectly verifies, the cryptographic signature for data.
Products Associated with CVE-2026-20965
Want to know whenever a new CVE is published for Microsoft Azure Portal Windows Admin Center? stack.watch will email you.
Affected Versions
Microsoft Windows Admin Center in Azure Portal:- Version 1.0 and below 0.70.0.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.