Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
Tencent iOA app: Local Users Can Run Elevated Programs on Windows
CVE-2025-63945
Summary
A security issue in the Tencent iOA app on Windows devices allows a local user to run programs with higher access permissions. This could lead to unauthorized changes to the system. To protect your system, update the Tencent iOA app to the latest version.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| tencent | ioa | <= 210.9.28693.62001 | – |
Original title
A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution req...
Original description
A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition.
nvd CVSS3.1
7.4
Vulnerability type
CWE-59
Link Following
- https://github.com/alexlee820/CVE-2025-63945-Tencent-iOA-EoP Exploit Third Party Advisory
- https://github.com/alexlee820/Tencent-iOA-EoP Broken Link
Published: 23 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026