SB2022110913 - Security features bypass in Microsoft BitLocker

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022110913

SB2022110913 - Security features bypass in Microsoft BitLocker

Published: November 9, 2022

Security Bulletin ID SB2022110913
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Physical access
Highest impact Information disclosure

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Security features bypass (CVE-ID: CVE-2022-41099)

CWE-ID: CWE-254 - Security Features

CVSSv4: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to security features bypass in BitLocker. An attacker with physical access can gain access to encrypted data.


Remediation

Install update from vendor's website.

References