POLICY-OTHER --
POLICY-OTHER Microsoft Windows Admin Center potential remote code execution attempt
This rule looks for HTTP requests being sent to the Windows Admin Center that could indicate potential attempts to exploit a vulnerability that allows for arbitrary command execution.
This rule fires on potential attempts to exploit a vulnerability in the Windows Admin Center.
No public information
Known false positives, with the described conditions
This rule may alert on legitimate usage of certain Windows Admin Center functionality, and so network administrators should investigate all events to determine maliciousness.
Cisco Talos Intelligence Group
Rule Categories::Operating Systems::Windows
Rule Categories::Policy::Other
N/A
Not Applicable
CVE-2026-58631 |
Loading description
|