CVE-2025-32722 is a medium severity vulnerability classified under CWE-284 (Improper Access Control) affecting Microsoft Windows 10 Version 1809 (build 10.0.17763.0). The flaw resides in the Windows Storage Port Driver, a component responsible for managing communication between the operating system and storage devices. Specifically, the vulnerability allows an authorized local attacker with limited privileges (low-level privileges) to bypass intended access controls and disclose sensitive information stored or processed by the system. The attack vector requires local access (AV:L), and the attacker must have some level of privileges (PR:L), but no user interaction is needed (UI:N). The vulnerability does not impact system integrity or availability but compromises confidentiality by allowing unauthorized information disclosure. The CVSS v3.1 base score is 5.5, reflecting a medium severity level due to the limited attack scope and requirement for local privileges. No known exploits are currently reported in the wild, and no patches or mitigation links have been published yet. The vulnerability's improper access control nature indicates that the Storage Port Driver fails to enforce correct permission checks, potentially exposing sensitive storage-related data to unauthorized local users.

For European organizations, this vulnerability poses a risk primarily to environments still running legacy Windows 10 Version 1809 systems, which may be found in industrial control systems, embedded devices, or legacy enterprise desktops. The unauthorized disclosure of sensitive information could lead to leakage of confidential business data, intellectual property, or personally identifiable information (PII), potentially violating GDPR requirements and leading to regulatory penalties. Although the vulnerability requires local access and some privileges, insider threats or attackers who gain initial foothold through other means could leverage this flaw to escalate their information gathering capabilities. This could facilitate further attacks such as targeted espionage or lateral movement within corporate networks. The lack of impact on system integrity or availability limits the immediate operational disruption, but the confidentiality breach alone is significant for sectors handling sensitive data, such as finance, healthcare, and government agencies across Europe.

Given the absence of an official patch, European organizations should implement the following specific mitigations: 1) Identify and inventory all systems running Windows 10 Version 1809, prioritizing those with access to sensitive data or critical infrastructure. 2) Restrict local user privileges to the minimum necessary, ensuring that only trusted personnel have access to systems with this OS version. 3) Employ application whitelisting and endpoint detection and response (EDR) solutions to monitor and restrict unauthorized local activities that could exploit this vulnerability. 4) Use network segmentation to limit lateral movement opportunities from compromised local accounts. 5) Where possible, upgrade or migrate systems to supported Windows versions with security updates to eliminate exposure. 6) Implement strict physical security controls to prevent unauthorized local access to devices. 7) Monitor logs for unusual access patterns to storage drivers or attempts to access sensitive storage-related information. These targeted steps go beyond generic advice by focusing on minimizing local privilege abuse and exposure on legacy Windows 10 1809 systems.