CVE-2016-3320

Опубликовано: 09 авг. 2016

Источник: nvd

CVSS3: 4.9

CVSS2: 4

EPSS Средний

Описание

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot manager, aka "Secure Boot Security Feature Bypass."

Ссылки

http://www.securityfocus.com/bid/92304
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036573
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/
http://www.securityfocus.com/bid/92304
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036573
Third Party Advisory
VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100
Patch
Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_10:1511:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13014

Средний

4.9 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-254

Связанные уязвимости

CVE-2016-3320

CVSS3: 6.6

msrc

почти 9 лет назад

Secure Boot Security Feature Bypass Vulnerability

GHSA-55gv-2639-x9jq