CVE-2025-59290: 
vulnerability analysis and mitigation

A use-after-free vulnerability exists in the Windows Bluetooth Service that allows an authorized attacker to elevate privileges locally. This vulnerability was disclosed on October 14, 2025, and affects multiple versions of Windows including Windows 10, Windows 11, and Windows Server editions (Microsoft Advisory, NVD).

The vulnerability has been assigned CVE-2025-59290 with a CVSS v3.1 base score of 7.8 (High). The attack vector is Local (L), with Low attack complexity (AC:L), requiring Low privileges (PR:L), and No user interaction (UI:N). The scope is Unchanged (S:U), with High impact on Confidentiality (C:H), Integrity (I:H), and Availability (A:H). The vulnerability is classified as CWE-416 (Use After Free) (NVD).

If successfully exploited, this vulnerability allows an authorized attacker to elevate their privileges on the local system, potentially gaining full system access. This could enable an attacker to execute arbitrary code with elevated rights, install persistent backdoors, or disable security controls (NVD).

Microsoft has released security updates to address this vulnerability as part of the October 2025 Patch Tuesday updates. Affected systems should be updated to the following versions: Windows 10 21H2 (10.0.19044.6332), Windows 11 22H2 (10.0.22621.5909), Windows Server 2022 (10.0.20348.4106), and other corresponding versions for different Windows editions (NVD).