CVE-2025-63945

HIGH

Tencent iOA thru 210.9.28693.621001 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-63945. PoCs published by alexlee820.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2025-63945, a local privilege escalation vulnerability in Tencent PC Manager. The vulnerability involves symbolic link attacks to coerce a SYSTEM-privileged process into deleting arbitrary files, leading to privilege escalation.

Description

A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.

Exploits (1)

nomisec WRITEUP 1 stars
by alexlee820 · poc
https://github.com/alexlee820/CVE-2025-63945-Tencent-iOA-EoP

This repository provides a detailed technical analysis of CVE-2025-63945, a local privilege escalation vulnerability in Tencent PC Manager. The vulnerability involves symbolic link attacks to coerce a SYSTEM-privileged process into deleting arbitrary files, leading to privilege escalation.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Tencent PC Manager (before 210.9.28693.62001)
No auth needed
Prerequisites: Access to the local system · Ability to create symbolic links and directories in C:\Windows\Temp
devstral-2 · analyzed May 04, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.4
EPSS 0.0018
EPSS Percentile 7.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-59
Status published
Products (1)
tencent/ioa < 210.9.28693.62001
Published Feb 23, 2026
Tracked Since Feb 23, 2026