8 matches found
CVE-2025-49728
Microsoft PC Manager is affected by CVE-2025-49728, a vulnerability in which cleartext storage of sensitive information could allow a local attacker to bypass a security feature. The CVSS 3.1 vector indicates local access, low attack complexity, no user interaction, and no privileges required, wi...
CVE-2025-21322
CVE-2025-21322 is an Elevation of Privilege vulnerability in Microsoft PC Manager (Microsoft PC Manager
CVE-2024-49051
Microsoft PC Manager is affected by an elevation-of-privilege vulnerability (CVE-2024-49051) due to incorrect handling of symbolic links before file access. Affected component: the Microsoft PC Manager app. Root cause: symbolic link handling flaw; exploit could allow privilege escalation. Publicl...
CVE-2025-29975
CVE-2025-29975 affects Microsoft PC Manager on Windows. It stems from improper link resolution before file access ("link following"), enabling a locally authenticated attacker to elevate privileges. The root cause is a link-following flaw in the PC Manager component, with high impact to confident...
CVE-2025-49738
CVE-2025-49738 is a Windows vulnerability affecting Microsoft PC Manager. The issue is an improper link resolution before file access ("link following"), allowing an authorized local attacker to elevate privileges. The available data indicates a local-execution impact with high severity (CVSSv3: ...
CVE-2026-49161
Technical details (affected product, component, root cause, impact, fixes) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-50511
CVE-2026-50511 describes an elevation-of-privilege vulnerability in Microsoft PC Manager caused by improper link resolution before file access ("link following"). An authorized attacker can achieve local privilege escalation. The issue has a CVSS v3.1 base score of 7.8 (High) with Local attack ve...
CVE-2026-50512
CVE-2026-50512 involves a missing authentication flaw in Microsoft PC Manager that enables an authorized attacker to locally elevate privileges. The CVSS v3.1 score is 7.8 ( HIGH ), with local attack vector, low complexity, and privileges required: LOW; impact to confidentiality, integrity, and a...