CVE-2025-64669

⚠️ high

🔍 Scan for this CVE

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVSS Score

7.8

High

EPSS Score

0.1

Exploit Probability

Published Date

2025-12-11

First Seen: 2026-01-05

This CVE is Moderate Risk - more severe than 69.6% of all 326,604 vulnerabilities in our database.

#99,150

Above average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2025-12-12

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-284

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
microsoft	windows_admin_center	Affected	< 2511

Vendor Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-42834	⚠️ high	7.8	0.0	Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.	2026-05-20
CVE-2026-41086	⚠️ high	8.8	0.1	Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network.	2026-05-12
CVE-2026-35438	⚠️ high	8.3	0.1	Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.	2026-05-12
CVE-2026-23660	⚠️ high	7.8	0.1	Improper access control in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally...	2026-03-10
CVE-2026-26119	⚠️ high	8.8	0.1	Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.	2026-02-17
CVE-2026-20965	⚠️ high	7.5	0.0	Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privil...	2026-01-13

These CVEs affect the same products