cve-2025-47993
About this tag
CVE-2025-47993 is an elevation of privilege vulnerability in Microsoft PC Manager, caused by improper access control and unsafe link resolution before file access. This flaw allows a local, authenticated attacker with low privileges to escalate permissions to SYSTEM, gaining full administrative control of the Windows device. Discussions on WindowsForum cover the vulnerability's details, exploitation via symlinks, and mitigation strategies including patching and detection methods. The tag also addresses related CVEs and the importance of verifying vendor advisories when identifiers don't align.
When a vendor-side advisory and a CVE identifier don’t line up, the first — and most important — job for defenders and researchers is to stop, verify, and update the record. I tried to open the MSRC page you gave and could not find any public advisory, nor could I find any authoritative...
applocker
cve-2025-29975
cve-2025-47993
cve-2025-49738
link following
local eop
microsoft pc manager
ntfs reparse point
patch management
privilege escalation
soc playbook
symlink exploits
sysmon
threat hunting
wdac
windows security
CVE-2025-47993: Microsoft PC Manager Elevation of Privilege Vulnerability
Summary
CVE-2025-47993 is an elevation of privilege (EoP) vulnerability in Microsoft PC Manager, stemming from improper access control and unsafe link resolution before file access (commonly called “link following”). This...