CVE-2025-58736 is a use-after-free vulnerability classified under CWE-416 affecting Inbox COM Objects in Microsoft Windows 10 Version 1809 (build 10.0.17763.0). This vulnerability arises when the system improperly manages memory, freeing an object while it is still in use, which can lead to arbitrary code execution by an attacker. The flaw allows an unauthorized attacker with local access to execute code with high impact on confidentiality, integrity, and availability. The CVSS v3.1 score is 7.0, indicating high severity, with an attack vector limited to local access (AV:L), high attack complexity (AC:H), no privileges required (PR:N), but requiring user interaction (UI:R). The scope remains unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). No known exploits have been reported in the wild, and no patches have been released at the time of publication. The vulnerability could be exploited by tricking a user into interacting with a malicious component or file that triggers the use-after-free condition in the Inbox COM Objects, leading to arbitrary code execution. This could allow attackers to escalate privileges or execute malicious payloads locally. Since Windows 10 Version 1809 is an older release, many organizations may have moved to newer versions, but those still using this version remain at risk. The lack of patches increases the urgency for mitigation and monitoring.

For European organizations, this vulnerability poses a significant risk especially to those still operating Windows 10 Version 1809 in their environments. The ability for an unauthorized local attacker to execute arbitrary code can lead to full system compromise, data breaches, and disruption of critical services. Confidentiality, integrity, and availability of sensitive data and systems can be severely impacted. Industries such as finance, healthcare, and government, which often maintain legacy systems, are particularly vulnerable. The requirement for local access and user interaction somewhat limits remote exploitation but does not eliminate risk, especially in environments with shared workstations or where attackers have gained initial footholds. The absence of known exploits in the wild currently reduces immediate threat but should not lead to complacency. European organizations must consider the potential for targeted attacks leveraging this vulnerability, especially given geopolitical tensions that may motivate adversaries to exploit such flaws in critical infrastructure or government networks.

1. Upgrade affected systems from Windows 10 Version 1809 to a supported and patched version of Windows 10 or Windows 11 to eliminate the vulnerability. 2. Restrict local access to systems running the vulnerable OS version by enforcing strict access controls and limiting user privileges. 3. Disable or restrict usage of Inbox COM Objects if feasible within operational constraints to reduce attack surface. 4. Implement application whitelisting and endpoint protection solutions capable of detecting anomalous local code execution attempts. 5. Educate users about the risks of interacting with untrusted files or components that could trigger the vulnerability. 6. Monitor event logs and system behavior for signs of exploitation attempts or unusual local activity. 7. Prepare incident response plans specifically addressing local privilege escalation and code execution scenarios. 8. Stay alert for official patches or security advisories from Microsoft and apply them promptly once available.