Main Vulnerability Database SB2021091455

SB2021091455 - Security features bypass in Microsoft BitLocker

Published: September 14, 2021

Security Bulletin ID SB2021091455

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Security features bypass (CVE-ID: CVE-2021-38632)

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to security feature bypass issue in BitLocker. An attacker with physical access can bypass the BitLocker Device Encryption feature on the system storage device and gain access to encrypted data.

Remediation

Install update from vendor's website.

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38632