CVE-2025-49722 is a medium-severity vulnerability classified under CWE-400 (Uncontrolled Resource Consumption) affecting Microsoft Windows 10 Version 1809 (build 10.0.17763.0). The vulnerability resides in the Windows Print Spooler components, which are responsible for managing print jobs and printer interactions. An authorized attacker with local privileges on an adjacent network can exploit this flaw to trigger excessive resource consumption, leading to a denial-of-service (DoS) condition. Specifically, the attacker can cause the Print Spooler service to consume excessive CPU, memory, or other system resources, thereby degrading system performance or causing the service to crash. This results in the inability of legitimate users to print or use related services, impacting availability. The attack vector requires adjacent network access, meaning the attacker must be on the same local network segment or connected via a VPN or similar means. No user interaction is required once the attacker has the necessary privileges. The CVSS v3.1 base score is 5.7, reflecting a medium severity with the following metrics: Attack Vector (Adjacent Network), Attack Complexity (Low), Privileges Required (Low), User Interaction (None), Scope (Unchanged), Confidentiality (None), Integrity (None), and Availability (High). There are currently no known exploits in the wild, and no patches have been linked yet, indicating that mitigation may rely on workarounds or limiting access until an official fix is released.

For European organizations, this vulnerability poses a risk primarily to availability of printing services within corporate or institutional networks that still operate Windows 10 Version 1809 systems. Printing remains a critical function in many sectors including government, healthcare, manufacturing, and finance. A successful exploitation could disrupt business operations by denying printing capabilities, potentially delaying workflows and causing operational inefficiencies. While the vulnerability does not impact confidentiality or integrity, the denial of service could indirectly affect compliance with regulatory requirements that mandate availability of certain services. Additionally, organizations with segmented networks or strict access controls may be less exposed, but those with flat or poorly segmented networks could see broader impact. Since the attack requires adjacent network access and low privileges, insider threats or compromised devices within the local network pose a realistic risk vector. The lack of known exploits reduces immediate risk, but the absence of patches means organizations must remain vigilant.

1. Network Segmentation: Restrict access to print spooler services by segmenting networks and limiting adjacent network access to trusted devices only. 2. Access Control: Enforce strict access controls and monitor accounts with low privileges that can interact with the print spooler. 3. Disable Print Spooler Service: Where printing is not essential, disable the Print Spooler service on Windows 10 Version 1809 systems to eliminate the attack surface. 4. Apply Workarounds: Monitor Microsoft security advisories for any recommended workarounds or temporary mitigations until an official patch is released. 5. Monitoring and Logging: Enable detailed logging of print spooler activity and network connections to detect unusual resource consumption patterns indicative of exploitation attempts. 6. Upgrade Path: Plan and expedite upgrading affected systems to supported Windows versions with security patches, as Windows 10 Version 1809 is an older release with limited support. 7. Insider Threat Management: Implement user behavior analytics and endpoint detection to identify potential insider threats or compromised devices that could exploit this vulnerability.