CVE-2025-21336 is a cryptographic information disclosure vulnerability identified in Microsoft Windows 10 Version 1507 (build 10.0.10240.0). It is classified under CWE-203, which involves observable discrepancies that can leak sensitive information. The vulnerability allows an attacker with low-privileged local access to observe discrepancies in cryptographic operations or data, leading to unauthorized disclosure of sensitive cryptographic information. The CVSS v3.1 base score is 5.6 (medium severity), with an attack vector limited to local access (AV:L), high attack complexity (AC:H), requiring low privileges (PR:L), and no user interaction (UI:N). The scope is changed (S:C), meaning the vulnerability affects resources beyond the initially vulnerable component. The impact is high on confidentiality (C:H), with no impact on integrity (I:N) or availability (A:N). No known exploits have been reported in the wild, and no patches have been released as of the publication date. This vulnerability could potentially aid attackers in further cryptographic attacks or privilege escalation by exposing sensitive cryptographic material. Since Windows 10 Version 1507 is an early release version, it is largely out of mainstream support, increasing the risk for organizations still running this version. The lack of patches necessitates proactive mitigation strategies.

For European organizations, the primary impact is the potential unauthorized disclosure of sensitive cryptographic information, which could compromise the confidentiality of encrypted data, authentication tokens, or cryptographic keys. This leakage could facilitate subsequent attacks such as privilege escalation, lateral movement, or decryption of sensitive communications. Although the vulnerability requires local access, insider threats or attackers who have gained initial footholds could exploit it. The affected Windows 10 Version 1507 is an outdated release, but some legacy systems in critical infrastructure, manufacturing, or government sectors may still operate it, increasing risk. The medium severity indicates a moderate risk, but the changed scope and high confidentiality impact warrant attention. No impact on integrity or availability reduces the risk of system disruption but does not diminish the threat to data confidentiality. The absence of known exploits provides a window for mitigation before active exploitation occurs.

1. Upgrade all systems running Windows 10 Version 1507 to a supported and fully patched version of Windows 10 or later to eliminate the vulnerability. 2. Restrict local access to systems, enforcing strict access controls and monitoring for unauthorized logins or privilege escalations. 3. Implement robust endpoint detection and response (EDR) solutions to detect anomalous cryptographic operations or suspicious local activities. 4. Conduct regular audits of legacy systems to identify and remediate unsupported software versions. 5. Use application whitelisting and least privilege principles to limit the ability of low-privileged users to execute potentially harmful operations. 6. Educate internal users about the risks of local access vulnerabilities and enforce strong physical security controls to prevent unauthorized access. 7. Monitor security advisories from Microsoft for any forthcoming patches or mitigations related to this CVE and apply them promptly once available.