Home

Description

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks.

PUBLISHED Reserved 2025-08-28 | Published 2025-08-28 | Updated 2025-08-29 | Assigner naver

Problem types

CWE-266 Incorrect Privilege Assignment

Product status

Default status
affected

3.0.8.133
unaffected

Credits

Minwoo Jeong of KAIST Hacking Lab (@p1nkjelly) finder

References

cve.naver.com/detail/cve-2025-58322.html (NAVER Security Advisory) vendor-advisory

cve.org (CVE-2025-58322)

nvd.nist.gov (CVE-2025-58322)

Download JSON