724 matches found
Windows BitLocker Security Feature Bypass Vulnerability
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices. We are issuing this CVE to provide mitigation guidance that can be...
Microsoft Windows BitLocker Command Injection Vulnerability
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. Microsoft Windows BitLocker has a command injection vulnerability, which stems from a flaw in the security function’s implementation. The following...
Zero-Day Exploit Against Windows BitLocker
It's nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft...
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework CTFMON. The security defects have been codenamed YellowKe...
PT-2026-48123
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: A protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature through a physical attack. This issue is related to access control errors, whi...
PT-2026-41382
A vulnerability in the BitLocker component of Windows operating systems is related to a failure of the data protection mechanism. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...
Exploit for Acceptance of Extraneous Untrusted Data With Trusted Data in Microsoft
BitUnlocker Downgrade Attack: A proof of concept for accessing...
CVE-2026-27913
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...
EUVD-2026-22455
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-27913 Windows BitLocker Security Feature Bypass Vulnerability
...
CVE-2026-27913
Technical details of CVE-2026-27913 are not provided in the supplied documents. Monitor for updates from Microsoft and CVE records for affected components, impact, and mitigations.
Windows BitLocker Security Feature Bypass Vulnerability
Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally...
April 14, 2026—KB5083768 (OS Build 28000.1836)
April 14, 2026—KB5083768 (OS Build 28000.1836). This security update for Windows 11, version 26H1 (KB5083768), includes the latest security improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates, optional...
PT-2026-32775
Name of the Vulnerable Software and Affected Versions: Windows BitLocker (affected versions not specified). Description: Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature, specifically Secure Boot, locally. This issue poses a risk to data...
Microsoft Windows BitLocker Input Validation Error Vulnerability
Microsoft Windows BitLocker is a security feature provided by Microsoft that ensures the recovery key is backed up and secure before it is activated. There is an input validation vulnerability in Microsoft Windows BitLocker. Attackers can exploit this vulnerability to bypass certain features. The...
CVE-2025-10010 Integrity Validation Bypass in CryptoPro Secure Disk for BitLocker
The CPSD CryptoPro Secure Disk application boots a small Linux operating system to perform user authentication before using BitLocker to decrypt the Windows partition. The system is located on a separate unencrypted partition which can be reached by anyone with access to the hard disk. Multiple...
CVE-2025-10010
The CVE affects the CPSD CryptoPro Secure Disk: during boot, a small Linux OS validates integrity via IMA, but configuration files are not validated by IMA. This can allow an attacker with physical access to alter config files on the unencrypted partition, enabling arbitrary code execution as roo...
PT-2026-21741
Name of the Vulnerable Software and Affected Versions: CPSD CryptoPro Secure Disk (affected versions not specified). Description: The CPSD CryptoPro Secure Disk application utilizes a small Linux operating system for user authentication prior to BitLocker decryption of the Windows partition. The Linux...