9 matches found
CVE-2025-49728
Microsoft PC Manager is affected by CVE-2025-49728, a vulnerability in which cleartext storage of sensitive information could allow a local attacker to bypass a security feature. The CVSS 3.1 vector indicates local access, low attack complexity, no user interaction, and no privileges required, wi...
CVE-2025-21322
CVE-2025-21322 is an Elevation of Privilege vulnerability in Microsoft PC Manager (Microsoft PC Manager
CVE-2024-49051
Microsoft PC Manager is affected by an elevation-of-privilege vulnerability (CVE-2024-49051) due to incorrect handling of symbolic links before file access. Affected component: the Microsoft PC Manager app. Root cause: symbolic link handling flaw; exploit could allow privilege escalation. Publicl...
CVE-2025-29975
CVE-2025-29975 affects Microsoft PC Manager on Windows. It stems from improper link resolution before file access ("link following"), enabling a locally authenticated attacker to elevate privileges. The root cause is a link-following flaw in the PC Manager component, with high impact to confident...
CVE-2025-49738
CVE-2025-49738 is a Windows vulnerability affecting Microsoft PC Manager. The issue is an improper link resolution before file access ("link following"), allowing an authorized local attacker to elevate privileges. The available data indicates a local-execution impact with high severity (CVSSv3: ...
CVE-2025-53795
CVE-2025-53795 : Microsoft PC Manager has an improper authorization weakness that could let an unauthenticated attacker elevate privileges over the network. The CVE is documented across multiple feeds (NVD, Microsoft MSRC, Red Hat, CNNVD, PT- Security) with high-severity ratings (CVSS v3.1 base s...
CVE-2026-49161
Technical details (affected product, component, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-50511
CVE-2026-50511 describes an elevation-of-privilege vulnerability in Microsoft PC Manager caused by improper link resolution before file access ("link following"). An authorized attacker can achieve local privilege escalation. The issue has a CVSS v3.1 base score of 7.8 (High) with Local attack ve...
CVE-2026-50512
CVE-2026-50512 involves a missing authentication flaw in Microsoft PC Manager that enables an authorized attacker to locally elevate privileges. The CVSS v3.1 score is 7.8 ( HIGH ), with local attack vector, low complexity, and privileges required: LOW; impact to confidentiality, integrity, and a...