Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges.
Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud.
The high-severity vulnerability, tracked as CVE-2026-26119, carries a CVSS score of 8.8 out of a maximum of 10.0
“Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network,” Microsoft said in an advisory released on February 17, 2026. “The attacker would gain the rights of the user that is running the affected application.”
Microsoft credited Semperis researcher Andrea Pierini with discovering and reporting the vulnerability. It’s worth mentioning that the security issue was patched by the tech giant in Windows Admin Center version 2511 released in December 2025.
While the Windows maker makes no mention of this vulnerability being exploited in the wild, it has been tagged with an “Exploitation More Likely” assessment.
Technical details related to CVE-2026-26119 are presently under wraps, but that could change soon. In a post shared on LinkedIn, Pierini said the vulnerability could “allow a full domain compromise starting from a standard user” under certain conditions.
