CVE-2025-32720 is classified as a CWE-125 out-of-bounds read vulnerability found in the Windows Storage Management Provider component of Microsoft Windows 10 Version 1507 (build 10.0.10240.0). This vulnerability arises when the software improperly handles memory boundaries, allowing an attacker with authorized local access and limited privileges to read memory outside the allocated buffer. This can lead to unauthorized disclosure of sensitive information stored in adjacent memory areas. The vulnerability does not require user interaction and does not affect system integrity or availability, focusing solely on confidentiality breaches. The CVSS 3.1 base score of 5.5 reflects a medium severity level, with attack vector local (AV:L), low attack complexity (AC:L), and privileges required (PR:L). No known exploits have been reported in the wild, and no official patches have been published yet. The vulnerability is specific to the initial release of Windows 10 (Version 1507), which is an outdated and largely unsupported version, limiting the affected population but still posing risks to legacy systems. The flaw could be leveraged by attackers who have already gained some level of access to the system to extract sensitive data, potentially aiding further attacks or data leakage.

The primary impact of CVE-2025-32720 is unauthorized disclosure of sensitive information due to out-of-bounds memory reads. This compromises confidentiality but does not affect system integrity or availability. Organizations running Windows 10 Version 1507 are at risk of local attackers with limited privileges accessing sensitive data in memory, which could include credentials, cryptographic keys, or other protected information. While exploitation requires local access and some privileges, the vulnerability could facilitate privilege escalation or lateral movement if combined with other exploits. The lack of known exploits reduces immediate risk, but the absence of patches means the vulnerability remains exploitable. Legacy systems in critical infrastructure, government, and enterprises that have not upgraded from Windows 10 Version 1507 are particularly vulnerable. The medium severity rating suggests moderate risk, but the potential for information leakage could have serious consequences depending on the data exposed.

1. Upgrade affected systems to a supported and fully patched version of Windows 10 or later, as Windows 10 Version 1507 is outdated and no longer supported by Microsoft. 2. Restrict local access to systems running this legacy OS version to trusted users only, minimizing the risk of local exploitation. 3. Implement strict access controls and monitoring to detect unauthorized local access attempts. 4. Use endpoint detection and response (EDR) tools to identify suspicious activities related to memory access or privilege escalation attempts. 5. Employ application whitelisting and least privilege principles to reduce the attack surface. 6. Regularly audit and inventory systems to identify any running Windows 10 Version 1507 and prioritize their upgrade or isolation. 7. Once Microsoft releases a patch, apply it promptly and verify remediation. 8. Educate users and administrators about the risks of running unsupported OS versions and the importance of timely updates.