CVE-2025-60708 is a vulnerability classified under CWE-822 (Untrusted Pointer Dereference) found in the Storvsp.sys driver component of Microsoft Windows 10 Version 1809 (build 17763.0). The flaw arises when the driver dereferences a pointer that can be influenced by an authorized local attacker, leading to improper memory access. This can cause the driver or the entire system to crash, resulting in a denial of service (DoS) condition. The vulnerability requires the attacker to have local privileges (PR:L) but does not require user interaction (UI:N). The attack complexity is low (AC:L), meaning an attacker with local access can reliably trigger the issue without special conditions. The vulnerability does not compromise confidentiality or integrity but impacts availability (A:H). The scope is changed (S:C), indicating that the vulnerability affects components beyond the vulnerable driver, potentially causing system-wide impact. No known exploits have been reported in the wild, and no official patches have been linked yet, though the vulnerability was published on November 11, 2025. The Storvsp.sys driver is part of the Windows storage virtualization stack, and its failure can disrupt critical storage operations, causing system instability or crashes. This vulnerability is relevant for environments still running the older Windows 10 Version 1809, which may be present in legacy systems or specialized industrial setups.

For European organizations, the primary impact of CVE-2025-60708 is the potential for local denial of service on systems running Windows 10 Version 1809. This could disrupt business operations by causing system crashes or reboots, especially in environments relying on legacy systems that have not been updated. Critical infrastructure or industrial control systems using this Windows version may experience operational interruptions. Although the vulnerability does not allow data theft or modification, the loss of availability can affect service continuity, leading to downtime and potential financial losses. Organizations with strict uptime requirements or those in sectors such as manufacturing, healthcare, or finance could face operational risks. Additionally, the need for local access means that insider threats or compromised user accounts could exploit this vulnerability to disrupt systems. The absence of known exploits reduces immediate risk, but the medium severity rating and potential for system crashes warrant proactive mitigation.

Organizations should prioritize upgrading systems from Windows 10 Version 1809 to a more recent and supported Windows version where this vulnerability is not present. Until patches are available, restrict local access to affected systems by enforcing strict access controls and monitoring for suspicious local activity. Employ application whitelisting and endpoint protection solutions to detect and prevent attempts to exploit the vulnerability. Regularly audit and minimize the number of users with local privileges to reduce the attack surface. For critical systems that must remain on Version 1809, consider isolating them from general user environments and implementing robust monitoring to detect abnormal system crashes or driver failures. Stay informed through Microsoft security advisories for the release of official patches and apply them promptly once available. Additionally, conduct regular backups to ensure rapid recovery in case of system disruption caused by exploitation attempts.