CVE-2025-47980 is a vulnerability identified in the Windows Imaging Component (WIC) of Microsoft Windows 10 Version 1809 (build 10.0.17763.0). This vulnerability is classified under CWE-200, which pertains to the exposure of sensitive information to unauthorized actors. Specifically, the flaw allows an attacker with local access to the affected system to disclose sensitive information without requiring any privileges, user interaction, or authentication. The vulnerability arises from improper handling or protection of sensitive data within the Windows Imaging Component, a system component responsible for image processing and rendering. Exploitation of this vulnerability does not impact system integrity or availability but can lead to confidentiality breaches by exposing sensitive data to unauthorized local users. The CVSS v3.1 base score is 6.2, indicating a medium severity level. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope remains unchanged (S:U), and the impact is high on confidentiality (C:H) but none on integrity (I:N) or availability (A:N). No known exploits are currently reported in the wild, and no patches or mitigation links have been provided at this time. The vulnerability was reserved in May 2025 and published in July 2025.

For European organizations, the primary impact of CVE-2025-47980 lies in the potential unauthorized disclosure of sensitive information on systems running Windows 10 Version 1809. Since the vulnerability requires local access, the risk is higher in environments where multiple users share systems or where endpoint security controls are weak. Confidential data processed or stored on affected systems could be exposed to unauthorized users, potentially leading to data breaches, compliance violations (e.g., GDPR), and loss of intellectual property. Although the vulnerability does not allow remote exploitation or system compromise, insider threats or attackers who gain physical or remote desktop access could leverage this flaw to extract sensitive information. Organizations in sectors with stringent data protection requirements, such as finance, healthcare, and government, may face increased regulatory scrutiny and reputational damage if sensitive data is disclosed. The lack of a patch at present necessitates heightened vigilance and compensating controls to minimize exposure.

Given the absence of an official patch, European organizations should implement specific mitigations to reduce risk from CVE-2025-47980. First, restrict local access to systems running Windows 10 Version 1809 by enforcing strict access controls, including limiting user accounts with local login privileges and employing strong authentication mechanisms. Deploy endpoint detection and response (EDR) solutions to monitor for suspicious local activity indicative of exploitation attempts. Consider upgrading affected systems to a newer, supported Windows version where this vulnerability is not present or has been patched. Employ application whitelisting and privilege management to prevent unauthorized code execution or escalation that could facilitate exploitation. Regularly audit and monitor file and process access related to the Windows Imaging Component to detect anomalous behavior. Additionally, educate users about the risks of sharing credentials or allowing untrusted individuals physical or remote access to their devices. Finally, maintain an inventory of affected systems to prioritize remediation efforts once a patch becomes available.