CVE-2025-64772: Uncontrolled Search Path Element in Sony Corporation INZONE Hub
The installer of INZONE Hub 1.0.10.3 to 1.0.17.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.
AI Analysis
Technical Summary
CVE-2025-64772 is a vulnerability identified in the installer of Sony Corporation's INZONE Hub software, specifically in versions 1.0.10.3 through 1.0.17.0. The root cause is an uncontrolled search path element during the DLL loading process. When the installer runs, it searches for required DLLs in directories that may be influenced by an attacker, potentially allowing malicious DLLs to be loaded instead of legitimate ones. This DLL hijacking can lead to arbitrary code execution with the privileges of the user running the installer. Since installers typically require user initiation, exploitation requires user interaction but does not require prior authentication or elevated privileges. The vulnerability impacts confidentiality, integrity, and availability because arbitrary code execution can lead to data theft, system compromise, or denial of service. The CVSS v3.0 base score is 7.8, reflecting high severity due to the combination of local attack vector, low attack complexity, no privileges required, and high impact on all security aspects. No known exploits have been reported yet, but the vulnerability is publicly disclosed and should be addressed promptly. The lack of patches at the time of disclosure means organizations must rely on interim mitigations until official fixes are released. This vulnerability is particularly relevant for environments where INZONE Hub is used to manage Sony peripherals, often in gaming or multimedia professional contexts.
Potential Impact
For European organizations, the impact of CVE-2025-64772 can be significant, especially in sectors relying on Sony INZONE Hub for device management, such as gaming, multimedia production, and professional audio-visual setups. Successful exploitation could allow attackers to execute arbitrary code locally, potentially leading to full system compromise, data breaches, or disruption of critical services. This risk is heightened in environments where users have administrative privileges or where the installer is run frequently. The vulnerability could be leveraged as an initial foothold in targeted attacks or as a vector for lateral movement within corporate networks. Given the high confidentiality, integrity, and availability impacts, organizations may face operational disruptions, loss of sensitive data, and reputational damage. The requirement for user interaction limits remote exploitation but does not eliminate risk, especially in scenarios involving social engineering or insider threats. The absence of known exploits currently provides a window for proactive defense, but the public disclosure increases the likelihood of future exploit development.
Mitigation Recommendations
To mitigate CVE-2025-64772, European organizations should implement the following specific measures:
1) Restrict execution of the INZONE Hub installer to trusted administrators or controlled environments to minimize exposure to untrusted users.
2) Employ application whitelisting and code integrity policies to prevent unauthorized DLLs from loading during installation.
3) Monitor system and application logs for unusual DLL loading behavior or installer execution patterns indicative of exploitation attempts.
4) Educate users about the risks of running installers from untrusted sources and the importance of verifying software authenticity.
5) Isolate systems running INZONE Hub installers from critical network segments to limit potential lateral movement.
6) Prepare for patch deployment by inventorying affected versions and establishing rapid update procedures once Sony releases official patches.
7) Use endpoint detection and response (EDR) tools to detect suspicious activities related to DLL hijacking or privilege escalation.
8) Consider deploying sandbox environments for testing installers before production deployment.
These targeted actions go beyond generic advice by focusing on controlling installer execution, monitoring DLL loading, and preparing for timely patching.
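Measure 3 (monitoring DLL loads while the installer runs) could be implemented as the following triage over Sysmon Event ID 7 (ImageLoad) records. This is an added example, not code from Sony or from the advisory; it assumes image-load logging is enabled, and the installer file name, user paths and DLL names are constructed placeholders.

```python
import ntpath

# Assumption: the advisory does not name the installer file; this prefix is a
# hypothetical placeholder to replace with the real file name (lower case).
INSTALLER_PREFIX = "inzonehub_installer"
# Locations a standard user cannot normally write to.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")

# Constructed records using Sysmon Event ID 7 (ImageLoad) field names.
INSTALLER = r"C:\Users\alice\Downloads\INZONEHub_Installer.exe"
SAMPLE_EVENTS = [
    {"Image": INSTALLER, "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": INSTALLER, "ImageLoaded": r"C:\Users\alice\Downloads\example.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": INSTALLER, "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\helper.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": INSTALLER, "ImageLoaded": r"C:\Users\alice\AppData\Local\Temp\plugin.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Program Files\Other\app.exe",
     "ImageLoaded": r"C:\Users\alice\Downloads\example.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]

def norm(path):
    """Lower-case and collapse '..' so prefix checks cannot be bypassed."""
    return ntpath.normpath(ntpath.normcase(path))

def classify(event):
    """Return None, 'medium' or 'high' for one ImageLoad record."""
    image, dll = norm(event["Image"]), norm(event["ImageLoaded"])
    if not ntpath.basename(image).startswith(INSTALLER_PREFIX):
        return None      # some other process
    if dll.startswith(TRUSTED_ROOTS):
        return None      # loaded from a protected directory
    if event.get("Signed", "").lower() == "true" and event.get("SignatureStatus") == "Valid":
        return None      # validly signed; checking the signer is left out here
    if ntpath.dirname(dll) == ntpath.dirname(image):
        return "high"    # unsigned DLL sitting beside the installer
    return "medium"      # unsigned DLL from another user-writable path

def triage(events):
    """Return (severity, dll_path) for every record worth an analyst's look."""
    scored = [(classify(e), e["ImageLoaded"]) for e in events]
    return [(sev, path) for sev, path in scored if sev]

if __name__ == "__main__":
    for sev, path in triage(SAMPLE_EVENTS):
        print(f"[{sev}] {path}")
```

A valid signature only suppresses the finding here; in production, also compare the Sysmon `Signature` field against the signer you expect for the installer's own components.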
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: jpcert
- Date Reserved: 2025-11-21T06:09:30.817Z
- Cvss Version: 3.0
- State: PUBLISHED
Threat ID: 692ce4c3a0d303b752af5f77
Added to database: 12/1/2025, 12:43:47 AM
Last enriched: 12/8/2025, 1:00:46 AM
Last updated: 1/15/2026, 10:58:18 PM