PT-2026-2761 · Microsoft · Windows Admin Center

Authors: Ben Zamir and 2 others

Published: 2026-01-13
Updated: 2026-05-12

CVE-2026-20965
CVSS v3.1: 7.5 (High)
Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Windows Admin Center, Azure extension versions prior to 0.70.00

Description: Improper verification of cryptographic signatures in the Azure AD SSO implementation of Windows Admin Center allows an authorized attacker with local administrator access on one machine to bypass authentication and authorization mechanisms. The issue stems from improper validation of Proof-of-Possession (PoP) tokens, whose purpose is to prove that the caller holds the key an access token was issued to: a stolen administrator access token can be combined with a forged PoP token to impersonate privileged users. This can lead to local privilege escalation, lateral movement across the entire tenant, and tenant-wide remote code execution (RCE). Exploitation involves sending a specially crafted HTTPS request.

Recommendations: Update the Windows Admin Center Azure extension to version 0.70.00 or later.
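The mechanism the description names (a genuine but stolen access token wrapped in a PoP token that the verifier never ties back to the key the token was issued to) can be shown with a small verifier. The Go program below is an added illustration, not code from Windows Admin Center, the Azure extension or Microsoft's PoP scheme; it uses the generic RFC 7800 `cnf` key binding with a minimal JWS encoder, and everything in it (the ES256-over-ASN.1 signature shorthand, the `admin@contoso.example` subject, the claim names `at` and `jwk`, the function names) is assumed for the example. `VerifyPoP` with `trustHeaderKey=true` plays the flawed verifier: it checks the PoP signature against whatever key the PoP header advertises, so a local administrator who has lifted another admin's access token can wrap it with a key they generated themselves. With `trustHeaderKey=false` the PoP signature must verify under the key the identity provider bound into the access token, which the token thief cannot change without breaking the IdP signature.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"math/big"
	"strings"
)

var b64 = base64.RawURLEncoding

// JWK carries a P-256 public key as the base64url "x"/"y" members of an RFC 7517 EC key (kty/crv omitted).
type JWK struct {
	X string `json:"x"`
	Y string `json:"y"`
}

func toJWK(pub *ecdsa.PublicKey) JWK {
	enc := func(n *big.Int) string { return b64.EncodeToString(n.FillBytes(make([]byte, 32))) }
	return JWK{enc(pub.X), enc(pub.Y)}
}

// keyFromJWK rebuilds the key; garbage coordinates yield a point that ecdsa.VerifyASN1 rejects,
// so a missing or malformed JWK fails closed at signature-check time.
func keyFromJWK(j JWK) *ecdsa.PublicKey {
	x, _ := b64.DecodeString(j.X)
	y, _ := b64.DecodeString(j.Y)
	return &ecdsa.PublicKey{Curve: elliptic.P256(), X: new(big.Int).SetBytes(x), Y: new(big.Int).SetBytes(y)}
}

func newKey() *ecdsa.PrivateKey {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return k
}

// signJWS builds header.payload.signature with ES256 (ASN.1 signature encoding used for brevity).
func signJWS(priv *ecdsa.PrivateKey, header, payload any) string {
	h, _ := json.Marshal(header)
	p, _ := json.Marshal(payload)
	input := b64.EncodeToString(h) + "." + b64.EncodeToString(p)
	d := sha256.Sum256([]byte(input))
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, d[:])
	return input + "." + b64.EncodeToString(sig)
}

// openJWS decodes header and payload into hdr and body (nil to skip) and, when pub is non-nil,
// checks the signature with it.
func openJWS(token string, pub *ecdsa.PublicKey, hdr, body any) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return errors.New("malformed token")
	}
	h, errH := b64.DecodeString(parts[0])
	p, errP := b64.DecodeString(parts[1])
	s, errS := b64.DecodeString(parts[2])
	if errH != nil || errP != nil || errS != nil {
		return errors.New("bad base64url")
	}
	d := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if pub != nil && !ecdsa.VerifyASN1(pub, d[:], s) {
		return errors.New("signature check failed")
	}
	if hdr != nil {
		if err := json.Unmarshal(h, hdr); err != nil {
			return err
		}
	}
	if body != nil {
		return json.Unmarshal(p, body)
	}
	return nil
}

// AccessClaims is the IdP-issued token; cnf (RFC 7800) names the key its holder must prove possession of.
type AccessClaims struct {
	Sub string         `json:"sub"`
	Cnf map[string]JWK `json:"cnf"`
}

func IssueAccessToken(idp *ecdsa.PrivateKey, sub string, holderPub *ecdsa.PublicKey) string {
	claims := AccessClaims{Sub: sub, Cnf: map[string]JWK{"jwk": toJWK(holderPub)}}
	return signJWS(idp, map[string]string{"alg": "ES256", "typ": "JWT"}, claims)
}

// MakePoP wraps an access token, signs with the holder's key and advertises that key in the header.
func MakePoP(holder *ecdsa.PrivateKey, at string) string {
	hdr := map[string]any{"alg": "ES256", "typ": "pop", "jwk": toJWK(&holder.PublicKey)}
	return signJWS(holder, hdr, map[string]string{"at": at})
}

// VerifyPoP authenticates the wrapped access token against the IdP, then checks the PoP signature.
// trustHeaderKey=true verifies it against the key the PoP header advertises: the vulnerable pattern,
// since whoever built the PoP controls both that key and the signature. trustHeaderKey=false verifies
// it against the cnf key the IdP bound into the access token, which a token thief cannot change.
func VerifyPoP(pop string, idpPub *ecdsa.PublicKey, trustHeaderKey bool) (*AccessClaims, error) {
	var hdr struct{ JWK JWK `json:"jwk"` }
	var body struct{ AT string `json:"at"` }
	if err := openJWS(pop, nil, &hdr, &body); err != nil {
		return nil, err
	}
	var ac AccessClaims
	if err := openJWS(body.AT, idpPub, nil, &ac); err != nil {
		return nil, errors.New("access token not issued by the IdP")
	}
	popKey := keyFromJWK(ac.Cnf["jwk"])
	if trustHeaderKey {
		popKey = keyFromJWK(hdr.JWK)
	}
	if err := openJWS(pop, popKey, nil, nil); err != nil {
		return nil, errors.New("PoP signature does not verify under the expected key")
	}
	return &ac, nil
}

// Demo: the attacker holds a stolen admin access token but not the admin's private key.
// Returns (forged PoP passes vulnerable check, forged PoP passes hardened check, legitimate PoP passes hardened check).
func Demo() (bool, bool, bool) {
	idp, admin, attacker := newKey(), newKey(), newKey()
	stolenAT := IssueAccessToken(idp, "admin@contoso.example", &admin.PublicKey) // constructed sample subject
	forged := MakePoP(attacker, stolenAT)
	legit := MakePoP(admin, stolenAT)
	_, errV := VerifyPoP(forged, &idp.PublicKey, true)
	_, errH := VerifyPoP(forged, &idp.PublicKey, false)
	_, errL := VerifyPoP(legit, &idp.PublicKey, false)
	return errV == nil, errH == nil, errL == nil
}
```

`Demo()` returns `true, false, true`: the stolen token plus an attacker-keyed PoP sails through the header-trusting verifier and is stopped only when the verifier insists on the `cnf` key. A production verifier would additionally enforce expiry, a nonce or timestamp, and method/URL binding on the PoP token; those checks are left out here to keep the key-binding point isolated.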

Tags: Fix, RCE

Weakness Enumeration: Improper Verification of Cryptographic Signature (CWE-347)

Related Identifiers: BDU:2026-00475, CVE-2026-20965

Affected Products: Windows Admin Center