Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mscveMicrosoftMS:CVE-2024-28925
HistoryApr 09, 2024 - 7:00 a.m.

Secure Boot Security Feature Bypass Vulnerability

2024-04-0907:00:00
Microsoft
msrc.microsoft.com
14
secure boot
bypass
vulnerability
microsoft

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.126

Percentile

95.6%

JSON

Affected configurations

Vulners
Node
microsoftwindows_server_2012Range<6.3.9600.21924r2
OR
microsoftwindows_server_2012Range<6.3.9600.21924r2
OR
microsoftwindows_server_2012Range<6.2.9200.24821
OR
microsoftwindows_server_2012Range<6.2.9200.24821
OR
microsoftwindows_server_2008Range<6.1.7601.27067r2
OR
microsoftwindows_server_2008Range<6.1.7601.27067r2
OR
microsoftwindows_server_2008Range<6.1.7601.27067r2
OR
microsoftwindows_server_2008Range<6.1.7601.27067r2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2008Range<6.0.6003.22618sp2
OR
microsoftwindows_server_2016Range<10.0.14393.6897
OR
microsoftwindows_server_2016Range<10.0.14393.6897
OR
microsoftwindows_10_1607Range<10.0.14393.6897
OR
microsoftwindows_10_1607Range<10.0.14393.6897
OR
microsoftwindows_10_1507Range<10.0.10240.20596
OR
microsoftwindows_10_1507Range<10.0.10240.20596
OR
microsoftwindows_server_23h2Range<10.0.25398.830
OR
microsoftwindows_11_23h2Range<10.0.22631.3447
OR
microsoftwindows_11_23h2Range<10.0.22631.3447
OR
microsoftwindows_10_22h2Range<10.0.19045.4291
OR
microsoftwindows_10_22h2Range<10.0.19045.4291
OR
microsoftwindows_10_22h2Range<10.0.19045.4291
OR
microsoftwindows_11_22h2Range<10.0.22621.3447
OR
microsoftwindows_11_22h2Range<10.0.22621.3447
OR
microsoftwindows_10_21h2Range<10.0.19044.4291
OR
microsoftwindows_10_21h2Range<10.0.19044.4291
OR
microsoftwindows_10_21h2Range<10.0.19044.4291
OR
microsoftwindows_11_21h2Range<10.0.22000.2899
OR
microsoftwindows_11_21h2Range<10.0.22000.2899
OR
microsoftwindows_server_2022Range<10.0.20348.2402
OR
microsoftwindows_server_2022Range<10.0.20348.2402
OR
microsoftwindows_server_2019Range<10.0.17763.5696
OR
microsoftwindows_server_2019Range<10.0.17763.5696
OR
microsoftwindows_10_1809Range<10.0.17763.5696
OR
microsoftwindows_10_1809Range<10.0.17763.5696
OR
microsoftwindows_10_1809Range<10.0.17763.5696
VendorProductVersionCPE
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:r2:*:*:*:*:*:*
microsoftwindows_server_2012*cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:r2:*:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2016*cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
microsoftwindows_10_1607*cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*
microsoftwindows_10_1507*cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*
microsoftwindows_server_23h2*cpe:2.3:o:microsoft:windows_server_23h2:*:*:*:*:*:*:*:*
microsoftwindows_11_23h2*cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*
microsoftwindows_10_22h2*cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

Related

nvd 2
vulnrichment 2
cve 2
cvelist 2
prion 1
mscve 26
schneier 1
githubexploit 2
attackerkb 1
msrc 3
thn 2
veeam 1
talosblog 1
malwarebytes 1
trellix 2
krebs 1
avleonov 1
nessus 23
qualysblog 1
securelist 1
openvas 10
kaspersky 4
mskb 29
ics 1
rapid7blog 2
nvd
nvd
CVE-2024-28925
2024-04-09 17:15:53
CVE-2023-24932
2023-05-09 18:15:12
vulnrichment
vulnrichment
CVE-2024-28925 Secure Boot Security Feature Bypass Vulnerability
2024-04-09 17:01:08
CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability
2023-05-09 17:03:07
cve
cve
CVE-2024-28925
2024-04-09 17:15:53
CVE-2023-24932
2023-05-09 18:15:12
cvelist
cvelist
CVE-2024-28925 Secure Boot Security Feature Bypass Vulnerability
2024-04-09 17:01:08
CVE-2023-24932 Secure Boot Security Feature Bypass Vulnerability
2023-05-09 17:03:07
prion
prion
Security feature bypass
2023-05-09 18:15:00
mscve
mscve
Secure Boot Security Feature Bypass Vulnerability
2023-05-09 07:00:00
Secure Boot Security Feature Bypass Vulnerability
2024-04-09 07:00:00
Secure Boot Security Feature Bypass Vulnerability
2024-04-09 07:00:00
schneier
schneier
Microsoft Secure Boot Bug
2023-05-17 11:01:08
githubexploit
githubexploit
Exploit for Incorrect Authorization in Microsoft
2024-05-23 17:49:17
Exploit for Incorrect Authorization in Microsoft
2022-08-09 15:53:48
attackerkb
attackerkb
CVE-2023-24932
2023-05-09 00:00:00
msrc
msrc
CVE-2023-24932 に関連するセキュア ブート マネージャーの変更に関するガイダンス
2023-05-09 07:00:00
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
2023-05-09 07:00:00
Guidance related to Secure Boot Manager changes associated with CVE-2023-24932
2023-05-09 07:00:00
thn
thn
NSA Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems
2023-06-23 09:13:00
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including 2 Exploited Zero-Day Bugs
2023-05-10 05:34:00
veeam
veeam
Support Statement regarding Microsoft CVE-2023-24932
2023-05-24 00:00:00
talosblog
talosblog
Threat Source newsletter (May 11, 2023) — So much for that ransomware decline
2023-05-11 18:00:38
malwarebytes
malwarebytes
Update now! May 2023 Patch Tuesday tackles three zero-days
2023-05-10 05:00:00
trellix
trellix
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
The Bug Report - May 2023 Edition
2023-06-07 00:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2023 Edition
2023-05-10 01:19:58
avleonov
avleonov
Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE
2023-05-27 22:39:14
nessus
nessus
KB5026427: Windows Server 2008 Security Update (May 2023)
2023-05-09 00:00:00
KB5026426: Windows Server 2008 R2 Security Update (May 2023)
2023-05-09 00:00:00
KB5026370: Windows 2022 / Azure Stack HCI 22H2 Security Update (May 2023)
2023-05-09 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review
2023-05-09 21:24:08
securelist
securelist
IT threat evolution in Q2 2023. Non-mobile statistics
2023-08-30 10:00:41
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5026382)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5026361)
2023-05-10 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5036925)
2024-04-10 00:00:00
kaspersky
kaspersky
KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)
2023-05-09 00:00:00
KLA49154 Multiple vulnerabilities in Microsoft Windows
2023-05-09 00:00:00
KLA65512 Multiple vulnerabilities in Microsoft Products (ESU)
2024-04-09 00:00:00
mskb
mskb
May 9, 2023—KB5026361 (OS Builds 19042.2965, 19044.2965, and 19045.2965)
2023-05-09 07:00:00
April 9, 2024—KB5036922 (Security-only update)
2024-04-09 07:00:00
April 9, 2024—KB5036950 (Security-only update)
2024-04-09 07:00:00
ics
ics
Siemens RUGGEDCOM APE1808 Product Family
2023-09-14 12:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2023
2023-05-09 20:02:02
Patch Tuesday - April 2024
2024-04-09 20:28:17

CVSS3

8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.126

Percentile

95.6%

JSON
Related for MS:CVE-2024-28925
nvd2vulnrichment2cve2cvelist2prion1mscve26schneier1githubexploit2attackerkb1msrc3thn2veeam1talosblog1malwarebytes1trellix2krebs1avleonov1nessus23qualysblog1securelist1openvas10kaspersky4mskb29ics1rapid7blog2