Security features bypass in Windows and Windows Server - CVE-2022-34301

 

Security features bypass in Windows and Windows Server - CVE-2022-34301

Published: August 10, 2022


Vulnerability identifier: #VU66349
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-34301
CWE-ID: CWE-254
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Microsoft
Affected software:
Windows
Windows Server

Detailed vulnerability description

The vulnerability allows an attacker to bypass Secure Boot.

The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.

How to mitigate CVE-2022-34301

Install updates from vendor's website.

Sources