HIGHCVE-2026-42834Published Modified CNA microsoft
CVE-2026-42834: Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
Metrics
- CVSS v3.1
- 7.8
- Severity
- HIGH
- Fixed in
- 0.72.0.0.
- Affected Products
- 1
Fix available
0.72.0.0.
Affected packages
- Microsoft / Windows Admin Center in Azure Portal< 0.72.0.0. (from 1.0)
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C