Elevation of Privileges in Gen Digital CCleaner on Windows
CVE-2025-3025

7.3HIGH

Key Information:

Vendor: Gen Digital
Status: Ccleaner
Vendor: CVE Published:; 15 September 2025

🔔 Create Gen Digital Vulnerability Alert

What is CVE-2025-3025?

An elevation of privileges vulnerability exists in the cleaning feature of Gen Digital CCleaner version 6.33.11465 for Windows. This flaw allows a local user to exploit insecure file deletion operations, potentially gaining SYSTEM privileges. The issue is present in CCleaner versions before 6.36.11508, highlighting significant security risks for users of the software. It is crucial for users to update to the latest version to safeguard against possible exploitations.

Affected Version(s)

CCleaner Windows 6.33.11465

References

https://www.gendigital.com/us/en/contact-us/security-advi...

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Mar 31, 2025

Credit

Dong-uk Kim (@justlikebono)

Trend Micro, the Zero Day Initiative (ZDI) ZDI-CAN-26474

CVE-2025-3025 Data

JSON