Main Vulnerability Database Vulnerabilities #VU65216

#VU65216 Security features bypass in Windows Server and Windows - CVE-2022-22048

Published: July 12, 2022

Vulnerability identifier: #VU65216

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-22048

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Windows Server
Windows

Software vendor:
Microsoft

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to security feature bypass issue in BitLocker. An attacker with physical access can bypass the BitLocker Device Encryption feature on the system storage device and gain access to encrypted data.

Remediation

Install updates from vendor's website.

External links

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22048

#VU65216 Security features bypass in Windows Server and Windows - CVE-2022-22048

Description

Remediation

External links

Please verify you're human