CVE-2025-60705 is a vulnerability classified under CWE-284 (Improper Access Control) affecting the Windows Client-Side Caching (CSC) service in Microsoft Windows 10 Version 1607 (build 10.0.14393.0). The CSC service is responsible for caching network files locally to improve performance and offline access. Due to improper access control mechanisms within this service, an attacker who already has authorized local access can exploit this flaw to elevate their privileges on the affected system. The vulnerability does not require user interaction and has a low attack complexity, meaning it can be exploited reliably once local access is obtained. The CVSS v3.1 base score of 7.8 reflects high impact on confidentiality, integrity, and availability, as the attacker can gain elevated privileges, potentially leading to full system compromise or unauthorized access to sensitive data. The vulnerability was reserved on September 26, 2025, and published on November 11, 2025. Currently, there are no known exploits in the wild and no official patches released by Microsoft, which increases the urgency for organizations to implement interim mitigations or upgrade to newer Windows versions. This vulnerability is particularly concerning for environments where Windows 10 Version 1607 remains in use, often due to legacy application dependencies or delayed patch cycles.

The primary impact of CVE-2025-60705 is the potential for local privilege escalation, allowing an attacker with authorized local access to gain higher privileges, such as SYSTEM or administrator level. This can lead to complete system compromise, unauthorized access to sensitive data, and the ability to install persistent malware or backdoors. The vulnerability affects confidentiality by exposing sensitive information, integrity by allowing unauthorized modification of system files or configurations, and availability by potentially disrupting system operations. Organizations running Windows 10 Version 1607 in critical environments—such as government, healthcare, finance, and industrial control systems—face increased risk of targeted attacks leveraging this flaw. The lack of patches and known exploits in the wild currently limits immediate widespread exploitation, but the vulnerability presents a significant risk if attackers develop reliable exploit code. Legacy systems and environments with limited security monitoring or restricted patch management are particularly vulnerable to exploitation.

1. Upgrade affected systems to a supported and fully patched version of Windows 10 or later, as Windows 10 Version 1607 is an older release with limited support. 2. Restrict local access to systems running the affected version by enforcing strict access controls, including limiting administrative privileges and using least privilege principles. 3. Implement application whitelisting and endpoint detection and response (EDR) solutions to monitor for suspicious privilege escalation attempts. 4. Use network segmentation to isolate legacy systems and reduce the attack surface. 5. Regularly audit user accounts and permissions to detect and remove unnecessary local accounts. 6. Monitor system logs for unusual activity related to the CSC service or privilege escalation attempts. 7. If upgrading is not immediately possible, consider disabling or restricting the CSC service where feasible, understanding the operational impact. 8. Stay alert for official patches or advisories from Microsoft and apply them promptly once available.