CVE-2025-32722 is a vulnerability classified under CWE-284 (Improper Access Control) affecting the Windows Storage Port Driver in Windows 10 Version 1507 (build 10.0.10240.0). This driver component is responsible for managing storage device communications and operations. The flaw allows an attacker who already has some level of local access (limited privileges) to bypass intended access controls and disclose sensitive information from the system. The vulnerability does not require user interaction and can be exploited locally, meaning the attacker must have some form of access to the machine but does not need elevated privileges or user consent to trigger the information disclosure. The CVSS 3.1 base score of 5.5 reflects a medium severity, with high confidentiality impact but no impact on integrity or availability. The scope is unchanged, indicating the vulnerability affects only the vulnerable component and does not propagate to other system components. No known exploits have been reported in the wild, and no official patches have been linked at the time of publication. This vulnerability primarily threatens legacy Windows 10 installations that have not been updated or migrated to newer versions, as Windows 10 Version 1507 is an early release from 2015 and is out of mainstream support. Attackers could leverage the disclosed information to facilitate privilege escalation or lateral movement within a compromised environment.

The primary impact of CVE-2025-32722 is unauthorized disclosure of sensitive information on affected Windows 10 Version 1507 systems. This can compromise confidentiality by exposing data that should be protected by access controls within the storage driver. Although the vulnerability does not affect system integrity or availability directly, the leaked information could be used by attackers to plan further attacks such as privilege escalation or targeted exploitation of other vulnerabilities. Organizations running legacy Windows 10 systems, especially in environments where local access is possible (e.g., shared workstations, terminal servers, or physical access scenarios), face increased risk. The impact is particularly significant for sectors handling sensitive or regulated data, including government, finance, healthcare, and critical infrastructure. Since the vulnerability requires local access and limited privileges, remote exploitation is not feasible, reducing the attack surface but not eliminating risk in environments with insider threats or compromised user accounts.

To mitigate CVE-2025-32722, organizations should prioritize upgrading affected systems from Windows 10 Version 1507 to a supported and fully patched Windows version, such as Windows 10 LTSC or Windows 11, which receive ongoing security updates. If upgrading is not immediately possible, organizations should implement strict local access controls and monitoring to prevent unauthorized users from gaining any level of access to vulnerable machines. Employing endpoint detection and response (EDR) solutions can help detect suspicious local activities that might attempt to exploit this vulnerability. Additionally, enforcing the principle of least privilege to limit user permissions reduces the risk of exploitation. Network segmentation and physical security controls can further limit attacker opportunities. Once Microsoft releases an official patch, it should be applied promptly. Until then, organizations should audit and restrict access to systems running this legacy OS version and consider compensating controls such as encryption of sensitive data at rest to reduce the impact of potential information disclosure.