CVE-2025-49728

4.0 MEDIUM

📋 TL;DR

Microsoft PC Manager stores sensitive information in cleartext, allowing local attackers to bypass security features. This affects users running vulnerable versions of Microsoft PC Manager on Windows systems. The vulnerability requires local access to the system.

💻 Affected Systems

Products:
  • Microsoft PC Manager
Versions: All releases prior to the patched release
Operating Systems: Windows 10, Windows 11
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems where Microsoft PC Manager is installed and running vulnerable versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local attacker gains unauthorized access to sensitive system information or bypasses security controls, potentially leading to privilege escalation or data exposure.

🟠

Likely Case

Local user with basic access can read sensitive configuration data stored in cleartext, compromising security feature integrity.

🟢

If Mitigated

With proper access controls and monitoring, impact is limited to authorized users who already have local system access.

🌐 Internet-Facing: LOW - Requires local system access, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local attackers or malicious insiders can exploit this vulnerability on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access to the system and knowledge of where sensitive data is stored.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Latest version from Microsoft Store/Update

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49728

Restart Required: No

Instructions:

1. Open Microsoft Store
2. Search for 'Microsoft PC Manager'
3. Click Update if available
4. Alternatively, download the latest version from the official Microsoft website

🔧 Temporary Workarounds

Restrict local file access

Windows

Implement strict file permissions to limit access to Microsoft PC Manager configuration files. Note that a deny entry for the Users group also blocks read access for standard-user accounts that run PC Manager, so apply it only where the application is not needed by those users.

icacls "%ProgramFiles%\Microsoft\PC Manager\*" /deny Users:(R)

🧯 If You Can't Patch

  • Uninstall Microsoft PC Manager if not required
  • Implement application whitelisting to prevent unauthorized access to PC Manager files

🔍 How to Verify

Check if Vulnerable:

Check Microsoft PC Manager version in Settings > Apps > Microsoft PC Manager

Check Version:

Get-AppxPackage -Name "*PCManager*" | Select-Object Name, Version

Verify Fix Applied:

Verify version is updated to latest release and check for cleartext sensitive files in PC Manager directories

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns to PC Manager configuration directories
  • Multiple failed attempts to access protected system files

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

EventID=4663 AND ObjectName LIKE '%PC Manager%' AND Accesses CONTAINS 'ReadData'
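The same filter as the SIEM query above, applied to constructed 4663 object-access events and aggregated per account to surface the "unusual file access pattern" indicator. This is an added example, not part of the advisory; the PC Manager path follows the icacls workaround above and the sample events are constructed, not real logs.

```python
from collections import Counter

# Constructed sample 4663 (object access) events. Field names mirror the
# Windows Security log: SubjectUserName, ObjectName, Accesses.
# The PC Manager path is assumed from the icacls workaround above.
PCM_DIR = r"C:\Program Files\Microsoft\PC Manager"
SAMPLE_EVENTS = [
    {"EventID": 4663, "SubjectUserName": "alice",
     "ObjectName": PCM_DIR + r"\config.json",
     "Accesses": "ReadData (or ListDirectory)"},
    {"EventID": 4663, "SubjectUserName": "alice",
     "ObjectName": PCM_DIR + r"\settings.dat",
     "Accesses": "ReadData (or ListDirectory)"},
    {"EventID": 4663, "SubjectUserName": "bob",
     "ObjectName": r"C:\Users\bob\notes.txt",
     "Accesses": "ReadData (or ListDirectory)"},
    {"EventID": 4663, "SubjectUserName": "SYSTEM",
     "ObjectName": PCM_DIR + r"\config.json",
     "Accesses": "WriteData (or AddFile)"},
    {"EventID": 4656, "SubjectUserName": "alice",   # handle request, not 4663
     "ObjectName": PCM_DIR + r"\config.json",
     "Accesses": "ReadData (or ListDirectory)"},
]


def matches_query(event):
    """EventID=4663 AND ObjectName LIKE '%PC Manager%' AND Accesses CONTAINS 'ReadData'."""
    return (event.get("EventID") == 4663
            and "pc manager" in event.get("ObjectName", "").casefold()
            and "ReadData" in event.get("Accesses", ""))


def hits_by_user(events):
    """Count matching read accesses per SubjectUserName."""
    return Counter(e["SubjectUserName"] for e in events if matches_query(e))


def flag_users(events, threshold=2):
    """Accounts whose read count reaches the threshold, for analyst triage."""
    return sorted(u for u, n in hits_by_user(events).items() if n >= threshold)


if __name__ == "__main__":
    print(dict(hits_by_user(SAMPLE_EVENTS)))   # {'alice': 2}
    print(flag_users(SAMPLE_EVENTS))           # ['alice']
```

The threshold is a tuning knob: PC Manager itself reads its own configuration, so baseline the count for the account the application runs under before alerting.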

🔗 References