Elevation of Privilege Vulnerability in Microsoft PC Manager
CVE-2025-49738

7.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Pc Manager
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-49738?

An elevation of privilege vulnerability exists in Microsoft PC Manager due to improper link resolution before file access. This flaw allows an authorized attacker to exploit the issue and gain elevated privileges on the local system, potentially leading to unauthorized access and elevated rights. It is crucial for users to ensure their software is up to date to mitigate these security risks.

Affected Version(s)

Microsoft PC Manager Unknown 1.0.0 < 3.17.4

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Jun 9, 2025