#VU66348 Security features bypass in Windows and Windows Server - CVE-2022-34302
Published: August 10, 2022
Vulnerability identifier: #VU66348
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-34302
CWE-ID: CWE-254
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Windows
Windows Server
Windows
Windows Server
Software vendor:
Microsoft
Microsoft
Description
The vulnerability allows an attacker to bypass Secure Boot.
The vulnerability exists due to unspecified error. An attacker with physical access to the system can bypass Secure Boot and gain unauthorized access to the system.
Remediation
Install updates from vendor's website.