CVE-2025-21210

Name of the Vulnerable Software and Affected Versions Windows BitLocker (affected versions not specified)

Description A critical issue in Windows BitLocker exposes the encryption mechanism to a novel randomization attack targeting the AES-XTS mode. This allows attackers to bypass BitLocker encryption by corrupting a registry key, causing unencrypted hibernation images to be written to disk. The attack, known as CrashXTS, can compromise encrypted data by finding and corrupting a specific 16-byte block to leak unencrypted hibernation images. This issue risks sensitive data and poses significant risks to data security.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.