Vulnerability CVE-2016-7247

Vulnerability CVE-2016-7247

Published: 2016-11-10

Description:

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability."

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
None	Partial	None

Affected software
Microsoft -> Windows 10
Microsoft -> Windows 8.1
Microsoft -> Windows rt 8.1
Microsoft -> Windows server 2012
Microsoft -> Windows server 2016

References:

http://www.securityfocus.com/bid/94058

http://www.securitytracker.com/id/1037255

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-140

https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05340049

Copyright 2024, cxsecurity.com