Secure Boot bypass in Microsoft Windows

Published: 2016-08-10 13:41:09
Severity Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2016-3320
CVSSv3 7.7 [CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-284
Exploitation vector Local
Public exploit N/A
Vulnerable software Windows
Windows Server
Vulnerable software versions Windows 8.1
Windows RT 8.1
Windows 10
Windows Server 2012
Windows Server 2012 R2
Vendor URL Microsoft

Security Advisory

1) Secure Boot feature bypass

Description

The vulnerability allows a local user to bypass security restrictions and gain elevated privileges on vulnerable system.

The vulnerability exists due Windows Secure Boot incorrectly loads boot manager. A local user with physical access to computer and local administrative rights can disable code integrity checks, allowing test-signed executables and drivers to be loaded onto a target device, and bypass Secure Boot Integrity Validation for BitLocker and Device Encryption security features.

Successful exploitation of this vulnerability will allow a local user to gain complete access to vulnerable system.

External links

https://technet.microsoft.com/en-us/library/security/ms16-100.aspx

Back to List