CVE-2025-48804

FAQ

What kind of security feature could be bypassed by successfully exploiting this vulnerability?

A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to the target could exploit this vulnerability to gain access to encrypted data.

How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by loading a WinRE.wim file while the OS volume is unlocked, granting access to BitLocker encrypted data.

Are there any further actions I need to take to be protected from this boot manager rollback vulnerability?

Boot manager Secure Version Number/SVN has been incremented and optional Bootmgr SVN revision DBXUpdate has been included in updates released on or after July 9, 2024 security update. Refer to How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 for guidance on how to apply these revocations to get full protection from boot manager rollback vulnerabilities.