Base Score

MEDIUM5

CVE-2025-59198

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

VectorLOCAL

Published Bysecure@microsoft.com

Published DateOct 14, 2025, 17:15

Weakness Type (CWE):NVD-CWE-noinfo

CVSS Metrics

Base Score

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-59198

Base Score

MEDIUM5

Weakness Type (CWE):NVD-CWE-noinfo

CVSS Metrics

Base Score

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

LOCAL

Attack Complexity (AC)

LOW

Privileges Required (PR)

LOW

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH