KLA87445 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of...

PT-2025-36877

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A use-after-free issue in Windows BitLocker can allow a local attacker to elevate privileges. This elevation-of-privilege allows attackers to affect the system. Recommendations: At the...

PT-2025-36876

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A use-after-free issue exists in Windows BitLocker that could allow a local attacker to gain elevated privileges. This vulnerability allows attackers to affect the system. Recommendations: ...

CVE-2025-48001

Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48818

Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48800

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48003

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48001

Time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack...

CVE-2025-48818

CVE-2025-48818 is a TOCTOU race condition in Windows BitLocker that enables bypass of a security feature via physical access. The CVE is listed in NCSC/NCSC-2025-0213 with impact described as bypassing security measures under Windows BitLocker and a CVSS v3.1 base score of 6.8 (PHYSICAL vector, L...

CVE-2025-48804

CVE-2025-48804 : Windows BitLocker is affected by a security feature bypass through acceptance of extraneous untrusted data with trusted data, enabling a physical attacker to bypass protections. The connected Microsoft-related documents indicate that Microsoft released security updates addressing...

CVE-2025-48003

CVE-2025-48003 is a Windows BitLocker security feature bypass vulnerability described as a protection mechanism failure that allows an unauthorized attacker to bypass a security feature with a physical attack. The connected documents do not provide concrete technical details such as root cause, a...

CVE-2025-48001

Technical details about CVE-2025-48001 are not publicly provided in the supplied documents. No affected products, root cause, impact, or remediation specifics are present. Monitor for updates from vendors and security advisories.

PT-2025-28532 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. This issue enables attackers to access...

PT-2025-28534 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Recommendations: At the moment, there is n...

PT-2025-28530 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A time-of-check time-of-use toctou race condition exists, allowing an unauthorized attacker to bypass a security feature with a physical attack. This issue enables attackers to...

PT-2025-28537

Name of the Vulnerable Software and Affected Versions Windows BitLocker affected versions not specified Description An issue exists where the acceptance of extraneous untrusted data alongside trusted data allows an unauthorized attacker to bypass a security feature. This exploit requires physical...

PT-2025-28549 · Microsoft · Windows Bitlocker +1

Name of the Vulnerable Software and Affected Versions: Windows BitLocker affected versions not specified Description: A time-of-check time-of-use toctou race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. This issue raises...