CVE-2025-55336Sensitive Information Exposure in Microsoft Windows 10 Version 1809

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 79.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
19
Microsoft Windows 10 Version 1809Microsoft Windows 10 Version 21h2Microsoft Windows 10 Version 22h2+16 more
Timeline
PublishedOct 14

Description

Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages19 packages

NVDmicrosoft/windows< 10.0.17763.7919+3
NVDmicrosoft/windows_10_1809< 10.0.17763.7919
NVDmicrosoft/windows_10_21h2< 10.0.19044.6456
NVDmicrosoft/windows_10_22h2< 10.0.19045.6456
NVDmicrosoft/windows_11_22h2< 10.0.22621.6060

🔴Vulnerability Details

2
CVEList
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability2025-10-14
GHSA
GHSA-w3jf-w2fp-2899: Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose informa2025-10-14

📋Vendor Advisories

1
Microsoft
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability2025-10-14
CVE-2025-55336 — Sensitive Information Exposure | cvebase