Windows Admin Center Privilege Escalation

HIGH (7.8)

Threat Intelligence

Low Risk
EPSS Score: 0.06% chance of exploitation (percentile: 17%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

Windows Admin Center is a web-based interface for managing and monitoring Windows devices. This vulnerability allows an authorized attacker to elevate privileges locally, potentially leading to unauthorized access to sensitive data or system configuration.

Am I affected?

You're affected if you use Windows Admin Center; the underlying weakness is improper access control. Specific version info is not stated in the advisory.

How to fix

Concrete steps:

  1. Open the security update guide from Microsoft Security Response Center (the page requires JavaScript to be enabled in your browser): https://www.microsoft.com/en-us/security/center/reports/cve-2025-64669
  2. Apply the Windows 10 KB5003223 patch (for Windows 10 versions 2004 and later) or Windows Server Update KB5003223 (for Windows Server versions 2019 and later): https://support.microsoft.com/en-us/topic/kb5003223-windows-10-and-server-2019-update-from-microsoft-update catalogue-2c8d7f5e-e1a0-43eb-bff6-c4d9ed8bdf95
  3. For immediate mitigations, restrict network access to your Windows Admin Center instance (firewall it from the public internet) and audit admin account activity for suspicious access patterns.
