Vulnerability CVE-2016-3320

Vulnerability CVE-2016-3320

Published: 2016-08-09

Description:

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot manager, aka "Secure Boot Security Feature Bypass."

Type:

CWE-254

(Security Features)

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
4/10	2.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Microsoft -> Windows 10
Microsoft -> Windows 8.1
Microsoft -> Windows rt 8.1
Microsoft -> Windows server 2012
Fedoraproject -> Fedora

References:

http://www.securityfocus.com/bid/92304

http://www.securitytracker.com/id/1036573

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/

Copyright 2024, cxsecurity.com