Improper Access Control in Windows Admin Center by Microsoft
CVE-2025-64669

7.8HIGH

Key Information:

Vendor

Microsoft
Status
Windows Admin Center
Vendor
CVE Published:
11 December 2025

Badges

📈 Score: 1,230💰 Ransomware👾 Exploit Exists📰 News Worthy

What is CVE-2025-64669?

CVE-2025-64669 is a vulnerability found in Windows Admin Center, a management tool developed by Microsoft to facilitate the administration of Windows servers and services. This tool enables system administrators to manage various aspects of their infrastructure through a web-based interface. The specific flaw relates to improper access control mechanisms that allow an attacker, who already has some level of authorized access, to elevate their privileges locally. This vulnerability could potentially enable the attacker to perform unauthorized actions or access sensitive data, thereby compromising the integrity and security of the organization's IT environment.

The technical details indicate that the vulnerability arises from insufficient validation of user permissions, which can be exploited by leveraging existing access rights. Organizations that rely on Windows Admin Center for system management must be aware of the risks associated with this vulnerability, particularly as it could facilitate more severe attacks if exploited effectively.

Potential impact of CVE-2025-64669

  1. Unauthorized Privilege Escalation: The primary impact of this vulnerability is the ability for an attacker to elevate their privileges beyond what was intended. This means they can gain elevated access to critical systems and data, allowing them to execute operations that would normally be restricted to higher-privileged users.

  2. Data Breaches: With elevated privileges, an attacker could potentially access sensitive information, leading to data breaches that could expose confidential organizational data, customer information, or proprietary systems. Such breaches could have serious legal and financial ramifications for the affected organization.

  3. System Compromise and Malware Deployment: The improper access control could allow an attacker to not only manipulate settings and configurations but also deploy malicious software within the environment. This could result in further compromise of the organization’s IT infrastructure, leading to disruption of services, additional data loss, and potential integration with ransomware attacks targeting critical systems.

Affected Version(s)

Windows Admin Center Unknown 1809.0 < 2.6.2.6

News Articles

favicon imageRed Hot Cyber

Critical Windows Admin Center Flaw CVE-2025-64669 Exposes Servers to Attack

Discover a critical vulnerability in Windows Admin Center (CVE-2025-64669) that allows standard users to escalate privileges and take control of servers. Learn more and update now.

2 weeks ago

favicon imageRisky Business Newsletters

Risky Bulletin: Most smart devices run outdated web browsers

Ukraine hacks major Russian defense contractor; ransomware hits Venezuela's oil company; hackers are trying to extort PornHub with stolen data.

2 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 💰

    Used in Ransomware

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by Cyber Press

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-64669 : Improper Access Control in Windows Admin Center by Microsoft