CVE-2025-58736

7.0 HIGH

📋 TL;DR

This vulnerability involves a use-after-free flaw in Inbox COM Objects that allows an unauthorized attacker to execute arbitrary code locally on affected systems. It affects Windows systems with vulnerable COM components, potentially enabling local privilege escalation or system compromise.

💻 Affected Systems

Products:
  • Microsoft Windows
Versions: Specific versions to be confirmed via Microsoft advisory
Operating Systems: Windows 10, Windows 11, Windows Server 2016/2019/2022
Default Config Vulnerable: ⚠️ Yes
Notes: Requires local access or ability to execute code on target system. COM objects must be accessible to attacker.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with administrative privileges, data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Local privilege escalation allowing attackers to gain higher privileges on already compromised systems or execute malicious payloads.

🟢 If Mitigated

Limited impact with proper patch management, endpoint protection, and least privilege principles in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local execution capability. Exploitation involves manipulating COM object memory after free.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: To be specified in Microsoft Security Update

Vendor Advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-58736

Restart Required: Yes

Instructions:

1. Apply the latest Windows security updates via Windows Update.
2. For enterprise deployments, deploy through WSUS or Microsoft Endpoint Configuration Manager.
3. Verify update installation and restart systems as required.

🔧 Temporary Workarounds

Restrict COM Object Access (Windows)

Limit access to vulnerable COM objects using the Component Services administrative tool:

Component Services > Computers > My Computer > COM+ Applications

Enable Exploit Protection (Windows)

Use Windows Defender Exploit Guard to apply memory protection controls:

Windows Security > App & browser control > Exploit protection settings

🧯 If You Can't Patch

  • Implement strict application whitelisting to prevent unauthorized code execution
  • Apply principle of least privilege to limit potential damage from local exploits

🔍 How to Verify

Check if Vulnerable:

Check Windows Update history for missing security patches related to CVE-2025-58736

Check Version:

systeminfo | findstr /B /C:"OS Name" /C:"OS Version"

Verify Fix Applied:

Verify KB article installation via 'wmic qfe list' or 'Get-Hotfix' in PowerShell

📡 Detection & Monitoring

Log Indicators:

  • Unusual COM object access patterns
  • Process creation from unexpected COM hosts
  • Memory access violations in application logs

Network Indicators:

  • Not network exploitable - local vulnerability only

SIEM Query:

Process Creation where (ParentImage contains 'dllhost.exe' OR ParentImage contains 'rundll32.exe') AND CommandLine contains unusual COM references
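The SIEM query above, implemented as an added example (not part of the original advisory) over constructed Sysmon-style process-creation records. It assumes "unusual COM references" means a CLSID/AppID-style GUID in braces in the child's command line; the GUIDs and paths in the sample log are made up.

```python
import json
import re
from typing import Iterable

# Parent images the advisory's query names as COM hosts.
COM_HOSTS = ("dllhost.exe", "rundll32.exe")

# Assumption: a COM reference is a CLSID/AppID-style GUID in braces.
_CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Constructed sample events (Sysmon-like JSON lines), not real telemetry.
SAMPLE_LOG = r"""
{"RecordId": 1, "EventType": "ProcessCreate", "ParentImage": "C:\\Windows\\System32\\dllhost.exe", "CommandLine": "powershell.exe -NoProfile -Command Get-Item HKLM:\\SOFTWARE\\Classes\\CLSID\\{12345678-ABCD-4EF0-9876-0123456789AB}"}
{"RecordId": 2, "EventType": "ProcessCreate", "ParentImage": "C:\\Windows\\explorer.exe", "CommandLine": "rundll32.exe shell32.dll,Control_RunDLL"}
{"RecordId": 3, "EventType": "ProcessCreate", "ParentImage": "C:\\Windows\\System32\\rundll32.exe", "CommandLine": "notepad.exe C:\\Users\\alice\\notes.txt"}
{"RecordId": 4, "EventType": "ProcessCreate", "ParentImage": "C:\\Windows\\SysWOW64\\DLLHOST.EXE", "CommandLine": "cmd.exe /c reg query HKCR\\CLSID\\{ABCDEF01-2345-4678-9ABC-DEF012345678}"}
{"RecordId": 5, "EventType": "NetworkConnect", "ParentImage": "C:\\Windows\\System32\\dllhost.exe", "CommandLine": "dllhost.exe /Processid:{ABCDEF01-2345-4678-9ABC-DEF012345678}"}
"""


def is_com_host(image_path: str) -> bool:
    """True when the image's file name (case-insensitive) is a listed COM host."""
    name = image_path.replace("/", "\\").rsplit("\\", 1)[-1].lower()
    return name in COM_HOSTS


def has_com_reference(command_line: str) -> bool:
    """True when the command line carries a braced GUID (our COM-reference proxy)."""
    return _CLSID_RE.search(command_line) is not None


def flag_events(events: Iterable[dict]) -> list:
    """Return RecordIds of ProcessCreate events whose parent is a COM host
    and whose command line references a COM class."""
    hits = []
    for ev in events:
        if ev.get("EventType") != "ProcessCreate":
            continue  # the query is scoped to process creation only
        if is_com_host(ev.get("ParentImage", "")) and has_com_reference(ev.get("CommandLine", "")):
            hits.append(ev["RecordId"])
    return hits


def run_sample() -> list:
    """Parse the constructed log and apply the query; expected result: [1, 4]."""
    events = (json.loads(line) for line in SAMPLE_LOG.strip().splitlines())
    return flag_events(events)


if __name__ == "__main__":
    print("Flagged RecordIds:", run_sample())
```

Record 2 is skipped because the parent is explorer.exe, record 3 because its command line carries no COM reference, and record 5 because it is not a process-creation event; tune the GUID heuristic to your own baseline of legitimate dllhost/rundll32 children before alerting on it.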
