CVE-2025-47980 is a vulnerability identified in the Windows Imaging Component (WIC) of Microsoft Windows 10 Version 1507 (build 10240.0). The vulnerability is categorized under CWE-200, indicating an exposure of sensitive information to an unauthorized actor. Specifically, this flaw allows an attacker with local access to the affected system to disclose sensitive information without requiring any privileges or user interaction. The vulnerability does not impact system integrity or availability but compromises confidentiality by leaking data that should remain protected. The CVSS v3.1 base score is 6.2 (medium severity), with an attack vector limited to local access (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). The scope remains unchanged (S:U), and the impact is high on confidentiality (C:H) but none on integrity (I:N) or availability (A:N). No known exploits have been reported in the wild, and no patches have been published yet. The affected product is the initial release of Windows 10, which is largely superseded by newer versions, though some legacy systems may still be operational. The vulnerability could be exploited by an attacker who gains local access to the system, such as through physical access or via other means of local compromise, to extract sensitive information from the Windows Imaging Component. This component is responsible for image processing tasks, and the flaw likely involves improper handling of image data or related memory, leading to unintended data disclosure.

For European organizations, the primary impact of CVE-2025-47980 is the potential unauthorized disclosure of sensitive information on systems running Windows 10 Version 1507. Although this version is outdated, some legacy systems, industrial control systems, or embedded devices might still be in use, especially in sectors with long hardware lifecycles such as manufacturing, utilities, or government. Exposure of sensitive data could lead to information leakage that might aid further attacks or compromise privacy and compliance with regulations like GDPR. The local attack vector limits the threat to scenarios where attackers already have some form of access, reducing the risk of remote exploitation. However, insider threats or attackers who gain physical access could leverage this vulnerability to extract confidential data. The lack of impact on system integrity or availability means this vulnerability is less likely to cause operational disruption but still poses a confidentiality risk. Organizations with strict data protection requirements and legacy infrastructure should be particularly cautious.

1. Upgrade affected systems from Windows 10 Version 1507 to a supported and fully patched Windows version, as this is the most effective mitigation. 2. Restrict physical and local access to systems running legacy Windows 10 builds to trusted personnel only. 3. Implement strict access controls and monitoring on endpoints to detect unauthorized local access attempts. 4. Use application whitelisting and endpoint protection solutions to prevent unauthorized code execution that could facilitate local exploitation. 5. Regularly audit and inventory systems to identify any devices still running Windows 10 Version 1507 and prioritize their upgrade or isolation. 6. If upgrading immediately is not feasible, consider isolating vulnerable systems from sensitive networks and data to minimize exposure. 7. Stay alert for any Microsoft security advisories or patches addressing this vulnerability and apply them promptly once available.