CVE-2025-58732

7.0 HIGH

📋 TL;DR

This vulnerability involves a use-after-free flaw in Inbox COM Objects that allows an unauthorized local attacker to execute arbitrary code. It affects systems running vulnerable versions of Microsoft software that utilize these COM components. Attackers could gain elevated privileges or compromise the system.

💻 Affected Systems

Products:
  • Microsoft Windows
  • Microsoft Office
  • Other Microsoft applications using Inbox COM Objects
Versions: Specific versions to be determined from Microsoft advisory
Operating Systems: Windows 10, Windows 11, Windows Server 2016/2019/2022
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems with vulnerable COM object implementations. Exact product list requires Microsoft advisory details.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with attacker gaining SYSTEM privileges, installing malware, stealing data, or establishing persistence.

🟠 Likely Case

Local privilege escalation allowing attackers to bypass security controls and execute code with higher privileges.

🟢 If Mitigated

Limited impact if proper privilege separation and application sandboxing are implemented.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access.
🏢 Internal Only: HIGH - Malicious insiders or compromised accounts could exploit this to escalate privileges within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and knowledge of COM object manipulation. No public exploit code known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: To be specified in Microsoft Security Update

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58732

Restart Required: Yes

Instructions:

1. Check Microsoft Security Update for CVE-2025-58732.
2. Apply the appropriate security update for your Windows version.
3. Restart the system as required.

🔧 Temporary Workarounds

Restrict COM Object Access (Windows)

Limit access to vulnerable COM objects through Component Services:

dcomcnfg.exe

Enable Enhanced Security Configuration (Windows)

Use Windows Defender Application Control or similar to restrict untrusted code execution.

🧯 If You Can't Patch

  • Implement strict least privilege principles for all user accounts
  • Use application whitelisting to prevent execution of unauthorized binaries

🔍 How to Verify

Check if Vulnerable:

Check Windows Update history for the KB number associated with CVE-2025-58732, or use Microsoft's Security Update Guide.

Check Version:

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Verify Fix Applied:

Verify that the security update is installed via Windows Update history or the systeminfo command.

📡 Detection & Monitoring

Log Indicators:

  • Unusual COM object activation events in Windows Event Logs
  • Process creation from COM-related processes with unusual parent-child relationships

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

EventID=4688 AND (NewProcessName contains "powershell" OR NewProcessName contains "cmd") AND ParentProcessName contains "dllhost"
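
The SIEM query above, written out as detection logic over constructed sample events; this is an added example, not part of the original advisory. It also runs a stricter image-file-name comparison (an assumption, not the page's query) to show where the substring match over-matches. Event 4688 is only logged when process-creation auditing is enabled.

```python
import ntpath

# Constructed sample records shaped like Security log event 4688 fields
# (not real telemetry). Field names follow the query on this page.
SAMPLE_EVENTS = [
    {"EventID": 4688, "NewProcessName": r"C:\Windows\System32\cmd.exe",
     "ParentProcessName": r"C:\Windows\System32\dllhost.exe"},
    {"EventID": 4688, "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentProcessName": r"C:\Windows\SysWOW64\dllhost.exe"},
    {"EventID": 4688, "NewProcessName": r"C:\Windows\System32\notepad.exe",
     "ParentProcessName": r"C:\Windows\System32\dllhost.exe"},
    {"EventID": 4688, "NewProcessName": r"C:\Windows\System32\cmd.exe",
     "ParentProcessName": r"C:\Windows\explorer.exe"},
    # Substring-only hit: "cmd" appears in a directory name, not the image name
    {"EventID": 4688, "NewProcessName": r"C:\Tools\cmdline-utils\report.exe",
     "ParentProcessName": r"C:\Windows\System32\dllhost.exe"},
    {"EventID": 4624, "NewProcessName": "", "ParentProcessName": ""},
]

SHELL_IMAGES = {"cmd.exe", "powershell.exe"}

def matches_page_query(ev):
    """Literal translation of the SIEM query: case-insensitive 'contains'."""
    new = ev.get("NewProcessName", "").lower()
    parent = ev.get("ParentProcessName", "").lower()
    return (ev.get("EventID") == 4688
            and ("powershell" in new or "cmd" in new)
            and "dllhost" in parent)

def matches_strict(ev):
    """Tighter variant (assumption): compare image file names only."""
    new = ntpath.basename(ev.get("NewProcessName", "")).lower()
    parent = ntpath.basename(ev.get("ParentProcessName", "")).lower()
    return (ev.get("EventID") == 4688
            and new in SHELL_IMAGES
            and parent == "dllhost.exe")

def triage(events):
    """Return (indices hit by page query, indices hit by strict variant)."""
    broad = [i for i, e in enumerate(events) if matches_page_query(e)]
    strict = [i for i, e in enumerate(events) if matches_strict(e)]
    return broad, strict

if __name__ == "__main__":
    broad, strict = triage(SAMPLE_EVENTS)
    print("page query hits:", broad)
    print("strict hits:", strict)
```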
