CVE-2025-64673 is a vulnerability classified under CWE-284 (Improper Access Control) found in the Storvsp.sys driver component of Microsoft Windows 10 Version 1809 (build 17763.0). This driver flaw allows an attacker who already has local authorized access to the system to escalate their privileges to a higher level, potentially SYSTEM-level. The vulnerability arises because the driver does not properly enforce access control checks, enabling privilege escalation without requiring user interaction. The CVSS 3.1 base score is 7.8, indicating a high severity with the vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, meaning the attack requires local access with low complexity, privileges, and no user interaction, but results in high impact on confidentiality, integrity, and availability. No public exploits have been reported yet, but the vulnerability is publicly disclosed and should be considered a significant risk. The lack of a patch link suggests that a fix may be pending or in development. This vulnerability primarily affects legacy Windows 10 systems, which remain in use in some enterprise environments. Attackers exploiting this flaw could gain elevated privileges, allowing them to install malware, access sensitive data, or disrupt system operations.

For European organizations, the impact of CVE-2025-64673 can be substantial, especially for those still operating Windows 10 Version 1809 in production environments. Successful exploitation allows attackers to escalate privileges locally, potentially leading to full system compromise. This can result in unauthorized access to confidential data, disruption of critical services, and the ability to deploy persistent malware or ransomware. Sectors such as finance, healthcare, government, and critical infrastructure are particularly vulnerable due to the sensitive nature of their data and the potential for operational disruption. The vulnerability's local attack vector means that initial access is required, but once inside, attackers can leverage this flaw to bypass security controls. Given the high confidentiality, integrity, and availability impact, exploitation could lead to severe regulatory and reputational consequences under European data protection laws such as GDPR.

To mitigate CVE-2025-64673, European organizations should prioritize upgrading or patching affected Windows 10 Version 1809 systems as soon as Microsoft releases an official security update. Until patches are available, organizations should implement strict local access controls, limiting user privileges to the minimum necessary and monitoring for unusual privilege escalation attempts. Employing endpoint detection and response (EDR) solutions can help detect suspicious activities related to driver manipulation or privilege escalation. Additionally, organizations should conduct regular audits of installed Windows versions to identify and phase out legacy systems that no longer receive security updates. Network segmentation and application whitelisting can further reduce the risk of lateral movement by attackers who gain local access. Finally, educating users about the risks of local access compromise and enforcing strong authentication policies can reduce the likelihood of initial unauthorized access.