Skip to main content

Tencent PC Manager CVE-2026-15515

| EUVDEUVD-2026-43256 MEDIUM
Uncontrolled Search Path Element (CWE-427)
2026-07-13 VulDB GHSA-6pvh-5mc9-hm57
6.4
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
6.4 HIGH
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.0 HIGH

Local-only search-path hijack (AV:L) that is hard to win reliably (AC:H) and needs an existing low-priv account (PR:L); no scope change, full C/I/A impact on the host.

3.1 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Severity Changed
Jul 13, 2026 - 01:22 NVD
HIGH MEDIUM
CVSS changed
Jul 13, 2026 - 01:22 NVD
7.3 (HIGH) 6.4 (MEDIUM)
Analysis Generated
Jul 13, 2026 - 00:43 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Local privilege/impact abuse in Tencent PC Manager 18.1.30242.301 stems from an uncontrolled search path (CWE-427) in the QMUDisk kernel driver library qmudisk64.sys, letting a low-privileged local user coerce loading of an attacker-controlled library to achieve high confidentiality, integrity, and availability impact. Publicly available exploit code exists (the 'qmukiller' proof-of-concept on GitHub), but exploitation is rated high-complexity/difficult and requires local access with existing low-level privileges. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain low-privileged local access
Delivery
Identify QMUDisk driver search path
Exploit
Plant malicious library in searched directory
Execution
Privileged driver loads attacker library
Persist
Execute code in elevated context
Impact
Escalate privileges or tamper with PC Manager

Vulnerability AssessmentAI

Exploitation Exploitation requires local access to a Windows host running Tencent PC Manager 18.1.30242.301 with the QMUDisk Driver (qmudisk64.sys) component installed and active, plus an existing low-privileged account (PR:L) able to write an attacker-controlled library into a directory that appears in the driver/service's uncontrolled search path. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/E:P, base 7.3) describes a locally-exploitable, high-complexity flaw needing low privileges but no user interaction, with full high impact to confidentiality, integrity, and availability and no scope change. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local attacker who already has a low-privileged foothold on a Windows host running Tencent PC Manager plants a malicious library in a directory searched by the QMUDisk driver component before the legitimate path. When the privileged driver/service resolves and loads that library, the attacker's code executes in the elevated context, enabling privilege escalation or tampering with the security product. …
Remediation No vendor-released patch identified at time of analysis - the vendor was contacted early but did not respond, so no fixed version exists to cite. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all endpoints running Tencent PC Manager 18.1.30242.301 and assess whether general users (beyond administrators) have local system access, which would amplify exploitation risk. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15515 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy