CVE-2025-58322

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://cve.naver.com/detail/cve-2025-58322.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:naver:mybox:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

09 Sep 2025, 18:43

Type	Values Removed	Values Added
CPE		cpe:2.3:a:naver:mybox:::::::: cpe:2.3:o:microsoft:windows:-:::::::*
References	~~() https://cve.naver.com/detail/cve-2025-58322.html -~~	() https://cve.naver.com/detail/cve-2025-58322.html - Vendor Advisory
First Time		Microsoft windows Naver Microsoft Naver mybox

29 Aug 2025, 03:15

Type	Values Removed	Values Added
Summary	~~(en) NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary commands due to improper privilege checks.~~	(en) NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks.

28 Aug 2025, 15:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8

28 Aug 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-28 08:15

Updated : 2025-09-09 18:43

NVD link : CVE-2025-58322

Mitre link : CVE-2025-58322

CVE.ORG link : CVE-2025-58322

JSON object : View

Products Affected

naver

mybox

microsoft

windows

CWE

CWE-266

Incorrect Privilege Assignment

7.8 /10