PT-2024-4733 · Microsoft · Windows BitLocker

Bill Demirkapi · Published 2024-07-09 · Updated 2024-08-26 · CVE-2024-38058

CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Windows BitLocker (affected versions not specified)
Description: The issue is related to a security feature bypass vulnerability in the BitLocker data protection function of Windows operating systems. This vulnerability can be exploited by an attacker with physical access to bypass existing security restrictions and gain access to encrypted data. Microsoft has disabled a fix for this issue due to firmware incompatibility problems that caused devices to enter BitLocker recovery mode. As a result, customers are advised to apply manual mitigations.
Recommendations: To mitigate this issue, apply the manual mitigations advised by Microsoft, which require restarting the impacted device eight times. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Protection Mechanism Failure

Related Identifiers

BDU:2024-05253
CVE-2024-38058

Affected Products

Windows
Windows BitLocker