Main Vulnerability Database Vulnerabilities #VU62992

#VU62992 Security features bypass in Windows and Windows Server - CVE-2022-29127

Published: May 11, 2022

Vulnerability identifier: #VU62992

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-29127

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Windows
Windows Server

Software vendor:
Microsoft

Description

The vulnerability allows a local attacker to gain access to sensitive information.

The vulnerability exists due to an error in BitLocker. An attacker with physical access can gain access to encrypted data.

Install updates from vendor's website.