Security researchers have released a proof-of-concept exploit for CVE-2025-21420, a critical elevation-of-privilege vulnerability affecting the Windows Disk Cleanup tool (cleanmgr.exe).
The vulnerability stems from improper link resolution and, through the SilentCleanup task, can be used to obtain SYSTEM-level privileges, potentially giving attackers complete control over affected Windows systems.
https://cyberpress.org/windows-disk-cle ... erability/