CVE-2025-63946

HIGH

Tencent PC Manager <17.10.28554.205 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-63946. PoCs published by alexlee820.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2025-63946, a local privilege escalation vulnerability in Tencent PC Manager. The vulnerability involves insecure handling of files and directories under C:\Windows\Temp, allowing an attacker to leverage symbolic link attacks to delete arbitrary files with SYSTEM privileges.

Description

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.

Exploits (1)

nomisec WRITEUP
by alexlee820 · poc
https://github.com/alexlee820/CVE-2025-63946-Tencent-PC-Manager-EoP

This repository provides a detailed technical analysis of CVE-2025-63946, a local privilege escalation vulnerability in Tencent PC Manager. The vulnerability involves insecure handling of files and directories under C:\Windows\Temp, allowing an attacker to leverage symbolic link attacks to delete arbitrary files with SYSTEM privileges.

Classification
Writeup 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Racy
Target: Tencent PC Manager Version <= 17.10.28554.205
No auth needed
Prerequisites: Unprivileged user access · Race condition to create _pcmgr_scan_tmp_ folder · Ability to set OpLock on directories
devstral-2 · analyzed Apr 28, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.4
EPSS 0.0018
EPSS Percentile 7.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-59
Status published
Products (1)
tencent/pcmanager < 17.10.28554.205
Published Feb 23, 2026
Tracked Since Feb 23, 2026