CVE-2025-59209 is a vulnerability identified in Microsoft Windows 10 Version 1507 (build 10240) involving the Windows Push Notification Core component. The issue is classified under CWE-200, indicating exposure of sensitive information to unauthorized actors. Specifically, an attacker with authorized local access can exploit this flaw to disclose sensitive information stored or processed by the Push Notification Core. The vulnerability does not require user interaction and has a low attack complexity, but it does require the attacker to have at least limited privileges on the affected system. The CVSS 3.1 base score is 5.5 (medium severity), reflecting high impact on confidentiality but no impact on integrity or availability. The vulnerability is currently published with no known exploits in the wild and no patches released yet. The Windows Push Notification Core is responsible for handling push notifications, which may include sensitive user or system data. Exposure of such information could aid attackers in further attacks or reconnaissance. Since the affected version is the initial release of Windows 10 from 2015, many systems have likely been upgraded, but legacy or specialized environments may still run this version. The vulnerability highlights the importance of maintaining updated systems and restricting local access to trusted users.

The primary impact of CVE-2025-59209 is unauthorized disclosure of sensitive information on affected Windows 10 Version 1507 systems. This can compromise confidentiality by allowing an attacker with local access to obtain data that should be protected, potentially including user credentials, system configuration details, or other sensitive notification data. While the vulnerability does not affect system integrity or availability, the leaked information could facilitate further attacks such as privilege escalation or lateral movement within a network. Organizations with legacy systems running this outdated Windows version are at risk, especially if local access controls are weak or if attackers can gain limited user privileges. The lack of known exploits reduces immediate risk, but the absence of patches means the vulnerability remains open for exploitation. The impact is more significant in environments where sensitive data is processed and where local access is not tightly controlled, such as in some industrial, governmental, or enterprise settings still using older Windows 10 builds.

To mitigate CVE-2025-59209, organizations should prioritize upgrading affected systems from Windows 10 Version 1507 to a supported, patched version of Windows 10 or later. Since no official patch is currently available, upgrading is the most effective mitigation. In the interim, restrict local access to trusted users only and enforce the principle of least privilege to minimize the risk of exploitation. Implement strict user account control policies and monitor local user activities for suspicious behavior. Employ endpoint detection and response (EDR) tools to detect attempts to access or extract sensitive information from the Push Notification Core or related components. Network segmentation can limit the impact if an attacker gains local access. Additionally, review and harden system configurations related to notifications and local data storage. Maintain regular backups and ensure incident response plans include scenarios involving local information disclosure. Stay alert for any future patches or advisories from Microsoft addressing this vulnerability.