Secure Boot Certificate Expiration Security Feature Bypass sérülékenység
Angol cím: Secure Boot Certificate Expiration Security Feature Bypass Vulnerability
Publikálás dátuma: 2026.01.19.
Utolsó módosítás dátuma: 2026.01.19.
Leírás
A termék olyan komponenst tartalmaz, amely nem frissíthető vagy javítható a sebezhetőségek vagy jelentős hibák eltávolítása érdekében.
Leírás forrása: CWE-1329 Leírás utolsó módosítása: 2025.12.11.Elemzés leírás
Eredeti nyelven: Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificates are approaching expiration, and devices containing affected certificate versions must update them to maintain Secure Boot functionality and avoid compromising security by losing security fixes related to Windows boot manager or Secure Boot. The operating system’s certificate update protection mechanism relies on firmware components that might contain defects, which can cause certificate trust updates to fail or behave unpredictably. This leads to potential disruption of the Secure Boot trust chain and requires careful validation and deployment to restore intended security guarantees.
Elemzés leírás forrása: CVE-2026-21265 Elemzés leírás utolsó módosítása: 2026.01.14.Hatás
CVSS3.1 Súlyosság és Metrika
Base score: 6.4 (Közepes)
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 0.5
Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): High
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality Impact (C): High
Integrity Impact (I): High
Availability Impact (A): High
Következmények
Loss of availability (Elérhetőség elvesztése)Loss of confidentiality (Bizalmasság elvesztése)
Loss of integrity (Sértetlenség elvesztése)
Hivatkozások
Sérülékeny szoftverek
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.14393.8783
cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:* Up to (excluding) 10.0.14393.8783
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.17763.8276
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* Up to (excluding) 10.0.17763.8276
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:* Up to (excluding) 10.0.19044.6809
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.19044.6809
cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:* Up to (excluding) 10.0.19044.6809
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:* Up to (excluding) 10.0.19045.6809
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.19045.6809
cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:* Up to (excluding) 10.0.19045.6809
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:* Up to (excluding) 10.0.22631.6491
cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.22631.6491
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:* Up to (excluding) 10.0.26100.7623
cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.26100.7623
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:* Up to (excluding) 10.0.26200.7623
cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:* Up to (excluding) 10.0.26200.7623
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* Up to (excluding) 10.0.14393.8783
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* Up to (excluding) 10.0.17763.8276
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* Up to (excluding) 10.0.20348.4648
cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:* Up to (excluding) 10.0.25398.2092
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* Up to (excluding) 10.0.26100.32230