CVE-2025-59253

Published Oct 14, 2025

Last updated a month ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-59253 is a vulnerability in the Microsoft Windows Search Component. Disclosed on October 14, 2025, it stems from improper access control. The vulnerability affects multiple Windows versions, including Windows 10 and 11, as well as Windows Server versions from 2012 to 2025. An authorized local attacker can exploit this vulnerability to cause a denial of service. This could disrupt the search functionality on the affected systems. To address this vulnerability, Microsoft released security updates as part of the October 2025 Patch Tuesday.

Description: Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally.
Source: secure@microsoft.com
NVD status: Analyzed
Products: windows_10_1507, windows_10_1607, windows_10_1809, windows_10_21h2, windows_10_22h2, windows_11_22h2, windows_11_23h2, windows_11_24h2, windows_11_25h2, windows_server_2012, windows_server_2016, windows_server_2019, windows_server_2022, windows_server_2022_23h2, windows_server_2025

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

secure@microsoft.com: CWE-284

Hype score: Not currently trending

During my research into COM/DCOM I stumbled upon a vulnerability that deletes the Boot Configuration Data (BCD) in the registry as low privileged user. For this vulnerability CVE-2025-59253 was assigned by Microsoft. https://t.co/2SKEuWHhPQ
@incendiumrockz
10 Nov 2025
4625 Impressions
20 Retweets
75 Likes
31 Bookmarks
1 Reply
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "030F3214-D6AF-40A9-9FC9-523AC9870581",
            "versionEndExcluding": "10.0.10240.21161"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "4932CB20-D134-4EDF-8F21-F9D0AF80BFEA",
            "versionEndExcluding": "10.0.10240.21161"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D8145D41-BFB2-47A6-B5E5-1A038A27C1C1",
            "versionEndExcluding": "10.0.14393.8519"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "3EE0CDB1-CBF3-45F2-8F0B-96A9D0757B42",
            "versionEndExcluding": "10.0.14393.8519"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E216CD5B-8885-4E17-8718-97E88A724A44",
            "versionEndExcluding": "10.0.17763.7919"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "36E44227-0320-43B1-A0D9-EB28B25CDB4D",
            "versionEndExcluding": "10.0.17763.7919"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1485A427-10FF-4C39-9911-4C6F1820BE7F",
            "versionEndExcluding": "10.0.19044.6456"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26CAACAA-3FE8-4740-8CF2-6BF3D069C47F",
            "versionEndExcluding": "10.0.19045.6456"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F387FA2-66C8-4B70-A537-65806271F16A",
            "versionEndExcluding": "10.0.22621.6060"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4AF873E4-B2FE-4504-BFF0-FC71121FC9A4",
            "versionEndIncluding": "10.0.22631.6060"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41E9F7AC-8E6D-43A0-A157-48A5E0B5BD0D",
            "versionEndExcluding": "10.0.26100.6899"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B77A066-4F79-4B1F-AECF-58DB4C651EA5",
            "versionEndExcluding": "10.0.26200.6899"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "860ADFF9-62D0-425B-9310-99ACFC92EB12",
            "versionEndIncluding": "10.0.14393.8519"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20810926-AEC9-4C09-9C52-B4B8FADECF3A",
            "versionEndExcluding": "10.0.17763.7919"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1C1EA69-6BB8-4E59-8659-43581FDB48B7",
            "versionEndExcluding": "10.0.20348.4294"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "370C12D6-90EF-44BE-8070-AA0080C12600",
            "versionEndExcluding": "10.0.25398.1913"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD6268EB-C42B-406F-B3FF-6E694F93BF41",
            "versionEndIncluding": "10.0.26100.6899"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.