CVE-2025-58322 is a high-severity local privilege escalation vulnerability found in NAVER MYBOX Explorer for Windows versions prior to 3.0.8.133. The vulnerability arises from improper privilege checks related to DLL loading, allowing a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs. This is classified under CWE-266, which concerns incorrect privilege assignment. The attacker must have local access with at least low privileges (PR:L) and no user interaction is required (UI:N). The vulnerability affects the confidentiality, integrity, and availability of the system, as the attacker can gain full system control. The CVSS v3.1 base score is 7.8, reflecting a high severity due to the combination of local attack vector, low complexity, required privileges, and the critical impact on system security. No known exploits are currently reported in the wild, and no patch links have been provided yet, indicating the vulnerability is newly disclosed or not yet fully addressed by the vendor. NAVER MYBOX Explorer is a Windows-based file management tool integrated with NAVER's cloud storage services, and this flaw allows malicious local users to bypass security restrictions by loading arbitrary DLLs with SYSTEM-level privileges, potentially leading to complete system compromise.

For European organizations, this vulnerability poses a significant risk especially in environments where NAVER MYBOX Explorer is deployed, such as companies using NAVER's cloud storage solutions or related software. An attacker with local access—such as an insider threat, a compromised user account, or through social engineering to gain initial foothold—could exploit this flaw to gain SYSTEM-level privileges. This would allow them to bypass all security controls, access sensitive data, install persistent malware, or disrupt critical services. The impact is particularly severe in regulated industries (finance, healthcare, government) where data confidentiality and system integrity are paramount. Additionally, organizations with remote or hybrid workforces may face increased risk if endpoint security is weak, as attackers could leverage this vulnerability to escalate privileges on compromised devices. The lack of a patch and known exploits in the wild means organizations must proactively mitigate the risk to prevent potential exploitation once public exploits emerge.

1. Immediate mitigation should include restricting local access to systems running vulnerable versions of NAVER MYBOX Explorer, limiting user privileges, and enforcing strict endpoint security policies. 2. Monitor and audit DLL loading behavior and privilege escalation attempts using endpoint detection and response (EDR) tools to detect suspicious activity. 3. Apply application whitelisting to prevent unauthorized DLLs from loading in the context of NAVER MYBOX Explorer. 4. Until an official patch is released, consider uninstalling or disabling NAVER MYBOX Explorer on critical systems if feasible. 5. Educate users about the risks of local privilege escalation and enforce strong authentication and access controls to minimize the chance of initial compromise. 6. Maintain up-to-date backups and incident response plans to quickly recover from potential exploitation. 7. Once a patch is available, prioritize testing and deployment across all affected systems to remediate the vulnerability promptly.