Description
Improper neutralization of special elements used in a command ('command injection') in Windows Admin Center allows an authorized attacker to execute code over a network.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper neutralization of special elements used in a command ('command injection') in Windows Admin Center allows an authorized attacker to execute code over a network. | |
| Title | Windows Admin Center (WAC) Remote Code Execution Vulnerability | |
| First Time appeared |
Microsoft
Microsoft windows Admin Center |
|
| Weaknesses | CWE-77 | |
| CPEs | cpe:2.3:a:microsoft:windows_admin_center:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Microsoft
Microsoft windows Admin Center |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T17:11:44.940Z
Reserved: 2026-06-19T13:54:04.007Z
Link: CVE-2026-56197
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses