
CVE-2022-35765: Elevation of Privilege in Microsoft Windows 10 Version 1809

Severity: High
Published: Tue Aug 09 2022 (08/09/2022, 19:57:16 UTC)
Source: CVE Database V5
Vendor/Project: Microsoft
Product: Windows 10 Version 1809

Description

Storage Spaces Direct Elevation of Privilege Vulnerability

AI-Powered Analysis

Last updated: 07/07/2025, 22:13:04 UTC

Technical Analysis

CVE-2022-35765 is a high-severity elevation of privilege vulnerability affecting Microsoft Windows 10 Version 1809, specifically related to the Storage Spaces Direct feature. Storage Spaces Direct is a software-defined storage solution that clusters local storage devices into highly available and scalable storage pools. The vulnerability arises from improper handling of permissions or access controls within this component, allowing an attacker with low privileges to escalate to higher privilege levels, potentially SYSTEM. The CVSS 3.1 base score of 7.8 reflects the significant impact on confidentiality, integrity, and availability: the attack vector is local (AV:L), attack complexity is low (AC:L), low privileges are required (PR:L), and no user interaction is needed (UI:N). The scope is unchanged (S:U), meaning the vulnerability affects only the vulnerable component without impacting other components. Exploitation could allow an attacker to gain full control over the affected system, leading to unauthorized access to sensitive data, modification or deletion of critical files, and disruption of system availability. Although no known exploits in the wild have been reported, the vulnerability's nature and impact warrant prompt attention. The vulnerability is classified under CWE-269 (Improper Privilege Management), indicating that the flaw is due to insufficient enforcement of privilege restrictions. The affected version is Windows 10 Version 1809 (build 10.0.17763.0), an older release of Windows 10. No patch links were provided in the data, so organizations must verify patch availability from official Microsoft sources.

Potential Impact

For European organizations, this vulnerability poses a significant risk, especially for enterprises and data centers relying on Windows 10 Version 1809 with Storage Spaces Direct deployments. Successful exploitation could lead to attackers gaining elevated privileges on critical servers or workstations, enabling lateral movement within networks, data exfiltration, or sabotage of storage infrastructure. This is particularly concerning for sectors with stringent data protection requirements such as finance, healthcare, and government institutions across Europe. The potential compromise of storage systems could violate GDPR mandates on data confidentiality and integrity, leading to regulatory penalties and reputational damage. Additionally, organizations running legacy systems or those slow to update may remain exposed longer, increasing the attack surface. Given the local attack vector, insider threats or attackers with initial footholds could leverage this vulnerability to escalate privileges and deepen their access.

Mitigation Recommendations

European organizations should immediately assess their environment for the presence of Windows 10 Version 1809 systems utilizing Storage Spaces Direct. Since no patch links were provided, organizations must consult Microsoft's official security update channels to obtain and apply any available patches or security updates addressing CVE-2022-35765. In the absence of patches, mitigating controls include restricting local access to trusted users only, implementing strict access control policies, and employing endpoint detection and response (EDR) solutions to monitor for suspicious privilege escalation activities. Network segmentation can limit the spread of an attacker who gains elevated privileges. Additionally, organizations should enforce the principle of least privilege, ensuring users and services operate with minimal necessary rights. Regular auditing of privilege assignments and system logs can help detect attempts to exploit this vulnerability. Finally, planning for an upgrade to a supported and fully patched Windows version is advisable to reduce exposure to legacy vulnerabilities.


Technical Details

Data Version: 5.1
Assigner Short Name: microsoft
Date Reserved: 2022-07-13T00:00:00.000Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 6838b90d182aa0cae28b8c74

Added to database: 5/29/2025, 7:44:13 PM

Last enriched: 7/7/2025, 10:13:04 PM

Last updated: 8/3/2025, 5:56:25 PM
