CVE-2024-20666

CVSS v2.0

6.8

Medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Windows 11 (affected versions not specified) Windows 10 (affected versions not specified) Windows Server 2022 (affected versions not specified)

Description A security feature bypass in the BitLocker data protection function allows an attacker with physical access to an unpatched PC to bypass existing security restrictions and encryption.

Recommendations For Windows 11, apply the Latest Cumulative Update (LCU). For Windows 10, install update KB5034441. For Windows Server 2022, install update KB5034439.

Exploit

Fix

RCE

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-287

Related Identifiers

BDU:2024-00341

CVE-2024-20666

Affected Products

Bitlocker

Windows

Windows 10

Windows 11

Windows Server 2022

CVE-2024-20666

Weakness Enumeration

Related Identifiers

Affected Products

References · 39