Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2024-20688
HistoryApr 09, 2024 - 7:00 a.m.

Secure Boot Security Feature Bypass Vulnerability

2024-04-0907:00:00
Microsoft
msrc.microsoft.com
13
secure boot
security feature
bypass vulnerability
microsoft

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.128

Percentile

95.6%

JSON

Affected configurations

Vulners
Node
microsoftwindows_server_2012Range<6.3.9600.21924r2
OR
microsoftwindows_server_2012Range<6.3.9600.21924r2
OR
microsoftwindows_server_2012Range<6.2.9200.24821
OR
microsoftwindows_server_2012Range<6.2.9200.24821
VendorProductVersionCPE
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

Related

vulnrichment 2
nvd 2
cvelist 2
cve 2
prion 1
attackerkb 1
msrc 3
schneier 1
mscve 26
githubexploit 2
thn 2
veeam 1
talosblog 1
malwarebytes 1
trellix 2
krebs 1
avleonov 1
nessus 13
qualysblog 1
securelist 1
openvas 4
kaspersky 3
mskb 17
ics 1
rapid7blog 2
vulnrichment
vulnrichment
CVE-2024-20688 Secure Boot Security Feature Bypass Vulnerability
2024-04-09 17:00:06
CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability
2023-05-09 17:03:07
nvd
nvd
CVE-2024-20688
2024-04-09 17:15:33
CVE-2023-24932
2023-05-09 18:15:12
cvelist
cvelist
CVE-2024-20688 Secure Boot Security Feature Bypass Vulnerability
2024-04-09 17:00:06
CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability
2023-05-09 17:03:07
cve
cve
CVE-2024-20688
2024-04-09 17:15:33
CVE-2023-24932
2023-05-09 18:15:12
prion
prion
Security feature bypass
2023-05-09 18:15:00
attackerkb
attackerkb
CVE-2023-24932
2023-05-09 00:00:00
msrc
msrc
CVE-2023-24932 ใซ้–ข้€ฃใ™ใ‚‹ใ‚ปใ‚ญใƒฅใ‚ข ใƒ–ใƒผใƒˆ ใƒžใƒใƒผใ‚ธใƒฃใƒผใฎๅค‰ๆ›ดใซ้–ขใ™ใ‚‹ใ‚ฌใ‚คใƒ€ใƒณใ‚น
2023-05-09 07:00:00
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
2023-05-09 07:00:00
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
2023-05-09 07:00:00
schneier
schneier
Microsoft Secure Boot Bug
2023-05-17 11:01:08
mscve
mscve
Secure Boot Security Feature Bypass Vulnerability
2023-05-09 07:00:00
Secure Boot Security Feature Bypass Vulnerability
2024-04-09 07:00:00
Secure Boot Security Feature Bypass Vulnerability
2024-04-09 07:00:00
githubexploit
githubexploit
Exploit for Incorrect Authorization in Microsoft
2024-05-23 17:49:17
Exploit for Incorrect Authorization in Microsoft
2022-08-09 15:53:48
thn
thn
NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems
2023-06-23 09:13:00
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs
2023-05-10 05:34:00
veeam
veeam
Support Statement regarding Microsoft CVE-2023-24932
2023-05-24 00:00:00
talosblog
talosblog
Threat Source newsletter (May 11, 2023) โ€” So much for that ransomware decline
2023-05-11 18:00:38
malwarebytes
malwarebytes
Update now! May 2023 Patch Tuesday tackles three zero-days
2023-05-10 05:00:00
trellix
trellix
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2023 Edition
2023-05-10 01:19:58
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14
nessus
nessus
KB5026427: Windows Server 2008 Security Update (May 2023)
2023-05-09 00:00:00
KB5026426: Windows Server 2008 R2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026411: Windows Server 2012 Security Update (May 2023)
2023-05-09 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
securelist
securelist
IT threat evolution in Q2 2023. Non-mobile statistics
2023-08-30 10:00:41
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5026382)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026361)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5028182)
2023-07-21 00:00:00
kaspersky
kaspersky
KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)
2023-05-09 00:00:00
KLA49154 Multiple vulnerabilities in Microsoft Windows
2023-05-09 00:00:00
KLA65512 Multiple vulnerabilities in Microsoft Products (ESU)
2024-04-09 00:00:00
mskb
mskb
May 9, 2023โ€”KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)
2023-05-09 07:00:00
July 9, 2024โ€”KB5040499 (Monthly Rollup)
2024-08-13 07:00:00
July 9, 2024โ€”KB5040490 (Security-only update)
2024-08-13 07:00:00
ics
ics
Siemens RUGGEDCOM APE1808 Product Family
2023-09-14 12:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02
Patch Tuesday - April 2024
2024-04-09 20:28:17

CVSS3

7.1

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.128

Percentile

95.6%

JSON
Related for MS:CVE-2024-20688
vulnrichment2nvd2cvelist2cve2prion1attackerkb1msrc3schneier1mscve26githubexploit2thn2veeam1talosblog1malwarebytes1trellix2krebs1avleonov1nessus13qualysblog1securelist1openvas4kaspersky3mskb17ics1rapid7blog2