CVE-2025-47979: 
vulnerability analysis and mitigation

CVE-2025-47979 is a security vulnerability affecting Windows Failover Cluster that was disclosed on October 14, 2025. The vulnerability allows an authorized attacker to disclose information locally through the insertion of sensitive information into log files. This affects multiple versions of Windows Server, including Windows Server 2025 and Windows Server 2022 23H2 Edition (NVD, Microsoft Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium), with a vector string of CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N. This indicates a local attack vector, low attack complexity, low privileges required, no user interaction needed, unchanged scope, high confidentiality impact, and no impact on integrity or availability. The vulnerability is classified as CWE-532 (Insertion of Sensitive Information into Log File) (NVD).

The primary impact of this vulnerability is the potential disclosure of sensitive information. An authorized attacker with local access can exploit this vulnerability to view sensitive information that has been inappropriately logged by the Windows Failover Cluster component (AttackerKB).

Microsoft has released security updates to address this vulnerability. Affected systems include Windows Server 2025 (up to version 10.0.26100.6899) and Windows Server 2022 23H2 (up to version 10.0.25398.1913). Users are advised to apply the latest security updates to mitigate this vulnerability (Microsoft Advisory).