
CVE-2025-47980: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor in Microsoft Windows 10 Version 1809

Medium
Published: Tue Jul 08 2025 (07/08/2025, 16:57:30 UTC)
Source: CVE Database V5
Vendor/Project: Microsoft
Product: Windows 10 Version 1809

Description

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

AI-Powered Analysis

Last updated: 08/07/2025, 00:46:14 UTC

Technical Analysis

CVE-2025-47980 is a vulnerability identified in the Windows Imaging Component (WIC) of Microsoft Windows 10 Version 1809 (build 10.0.17763.0). This vulnerability is classified under CWE-200, which pertains to the exposure of sensitive information to unauthorized actors. Specifically, the flaw allows an attacker with local access to the affected system to disclose sensitive information without requiring any privileges, user interaction, or authentication. The vulnerability arises from improper handling or protection of sensitive data within the Windows Imaging Component, a system component responsible for image processing and rendering. Exploitation of this vulnerability does not impact system integrity or availability but can lead to confidentiality breaches by exposing sensitive data to unauthorized local users. The CVSS v3.1 base score is 6.2, indicating a medium severity level. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope remains unchanged (S:U), and the impact is high on confidentiality (C:H) but none on integrity (I:N) or availability (A:N). No known exploits are currently reported in the wild, and no patches or mitigation links have been provided at this time. The vulnerability was reserved in May 2025 and published in July 2025.

Potential Impact

For European organizations, the primary impact of CVE-2025-47980 lies in the potential unauthorized disclosure of sensitive information on systems running Windows 10 Version 1809. Since the vulnerability requires local access, the risk is higher in environments where multiple users share systems or where endpoint security controls are weak. Confidential data processed or stored on affected systems could be exposed to unauthorized users, potentially leading to data breaches, compliance violations (e.g., GDPR), and loss of intellectual property. Although the vulnerability does not allow remote exploitation or system compromise, insider threats or attackers who gain physical or remote desktop access could leverage this flaw to extract sensitive information. Organizations in sectors with stringent data protection requirements, such as finance, healthcare, and government, may face increased regulatory scrutiny and reputational damage if sensitive data is disclosed. The lack of a patch at present necessitates heightened vigilance and compensating controls to minimize exposure.

Mitigation Recommendations

Given the absence of an official patch, European organizations should implement specific mitigations to reduce risk from CVE-2025-47980. First, restrict local access to systems running Windows 10 Version 1809 by enforcing strict access controls, including limiting user accounts with local login privileges and employing strong authentication mechanisms. Deploy endpoint detection and response (EDR) solutions to monitor for suspicious local activity indicative of exploitation attempts. Consider upgrading affected systems to a newer, supported Windows version where this vulnerability is not present or has been patched. Employ application whitelisting and privilege management to prevent unauthorized code execution or escalation that could facilitate exploitation. Regularly audit and monitor file and process access related to the Windows Imaging Component to detect anomalous behavior. Additionally, educate users about the risks of sharing credentials or allowing untrusted individuals physical or remote access to their devices. Finally, maintain an inventory of affected systems to prioritize remediation efforts once a patch becomes available.


Technical Details

Data Version: 5.1
Assigner Short Name: microsoft
Date Reserved: 2025-05-14T14:44:20.083Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 686d50d36f40f0eb72f91b0e

Added to database: 7/8/2025, 5:09:39 PM

Last enriched: 8/7/2025, 12:46:14 AM

Last updated: 8/18/2025, 1:22:21 AM
