CVE-2022-35763 is a high-severity elevation of privilege vulnerability affecting Microsoft Windows 10 Version 1809, specifically version 10.0.17763.0. The vulnerability resides in the Storage Spaces Direct component, a feature that enables the creation of highly available and scalable storage using local storage on multiple servers. The flaw allows an attacker with limited privileges (local access with low privileges) to escalate their privileges to higher levels, potentially SYSTEM level, without requiring user interaction. The CVSS 3.1 base score of 7.8 reflects the significant impact on confidentiality, integrity, and availability, as the vulnerability can be exploited locally with low complexity and no user interaction. The vulnerability is classified under CWE-269 (Improper Privilege Management), indicating that the system fails to properly enforce access controls. Although no known exploits are reported in the wild, the vulnerability presents a serious risk if an attacker gains local access to a vulnerable system. Exploitation could allow attackers to execute arbitrary code with elevated privileges, modify or delete sensitive data, or disrupt system availability. The vulnerability was published on August 9, 2022, and no patch links are provided in the data, suggesting that organizations must verify patch availability and apply updates promptly to remediate the issue.

For European organizations, this vulnerability poses a significant risk, especially for enterprises and public sector entities still running Windows 10 Version 1809 in their infrastructure. The ability to elevate privileges locally can facilitate lateral movement within networks, enabling attackers to compromise critical systems and sensitive data. This is particularly concerning for organizations handling regulated data under GDPR, as unauthorized access or data modification could lead to compliance violations and substantial fines. The Storage Spaces Direct feature is often used in data centers and enterprise storage solutions, so organizations relying on this technology may face increased risk of disruption or data breaches. Additionally, the lack of known exploits in the wild does not diminish the threat, as attackers could develop exploits given the public disclosure. The vulnerability could also be leveraged in targeted attacks against high-value European targets, including government agencies, financial institutions, and critical infrastructure operators.

European organizations should immediately verify if any systems are running Windows 10 Version 1809 (build 10.0.17763.0) and specifically using Storage Spaces Direct. They should prioritize patch management by checking Microsoft's official security update catalogs or security advisories for patches addressing CVE-2022-35763 and apply them without delay. If patches are not yet available, organizations should consider temporary mitigations such as restricting local access to trusted users only, enforcing strict access controls, and monitoring for suspicious local privilege escalation attempts through enhanced logging and endpoint detection and response (EDR) tools. Network segmentation can limit the impact of a compromised host. Additionally, organizations should review and harden Storage Spaces Direct configurations to minimize attack surface. Regularly auditing user privileges and applying the principle of least privilege will reduce the risk of exploitation. Finally, maintaining up-to-date backups and incident response plans will help mitigate potential damage from exploitation.