CVE-2025-58715

HIGH

Microsoft Windows Speech < - Privilege Escalation

Title source: llm
STIX 2.1

Description

Integer overflow or wraparound in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

References (1)

Scores

CVSS v3 8.8
EPSS 0.0008
EPSS Percentile 23.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-190
Status published
Products (14)
microsoft/windows_10_1507 < 10.0.10240.21161 (2 CPE variants)
microsoft/windows_10_1607 < 10.0.14393.8519 (2 CPE variants)
microsoft/windows_10_1809 < 10.0.17763.7919 (2 CPE variants)
microsoft/windows_10_21h2 < 10.0.19044.6456
microsoft/windows_10_22h2 < 10.0.19045.6456
microsoft/windows_11_22h2 < 10.0.22621.6060
microsoft/windows_11_23h2 < 10.0.22631.6060
microsoft/windows_11_24h2 < 10.0.26100.6899
microsoft/windows_11_25h2 < 10.0.26200.6899
microsoft/windows_server_2016 < 10.0.14393.8519
... and 4 more
Published Oct 14, 2025
Tracked Since Feb 18, 2026