Description
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Published: 2026-06-09
Score: 7.9 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a protection mechanism failure in Windows Secure Boot that permits an authorized local attacker to bypass the secure boot feature. This weakness is classified under CWE‑1329, which involves an attacker manipulating input parameters to subvert a security state. By bypassing secure boot, the attacker could load unsigned drivers or firmware, undermining the integrity of the system boot process and potentially compromising confidentiality and integrity of the machine.

Affected Systems

Affected systems include multiple Microsoft Windows client and server releases. Client versions: Windows 10 versions 1607, 1809, 21H2, 22H2 and Windows 11 versions 23H2, 24H2, 25H2, 26H1 (ARM64 and x86/x64 as applicable). Server releases: Windows Server 2012, 2012 R2, 2016, 2019, 2022, 2025 (both Standard and Server Core installations).

Risk and Exploitability

The CVSS score of 7.9 indicates high severity, but the EPSS score is not available, leaving the likelihood of exploitation uncertain. The vulnerability is not currently listed in CISA’s KEV catalog. Exploitation requires local authorized privileges; an attacker must have a user account that can modify UEFI settings or run code that can interact with the Secure Boot configuration. Bypassing secure boot locally could grant an attacker continuous access to execute malicious code with elevated privileges, presenting a serious long‑term compromise risk. Organisers should monitor for any elevation of privilege or unexpected driver load events.

Generated by OpenCVE AI on June 9, 2026 at 20:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest Windows updates that contain the secure boot fix, as detailed in Microsoft’s update guide for CVE‑2026‑48573.
  • Confirm that Secure Boot is enabled in the system’s UEFI/BIOS settings and that the configuration has not been altered to allow unsigned code.
  • Apply the principle of least privilege by restricting access to accounts that can change UEFI settings or install drivers, and enforce driver signing requirements through Group Policy or device guard.
  • Monitor event logs for attempts to modify secure boot keys or load unsigned drivers, and investigate any related anomalies promptly.

Generated by OpenCVE AI on June 9, 2026 at 20:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 10 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
First Time appeared Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012 (server Core Installation)
Microsoft windows Server 2012 R2
Microsoft windows Server 2012 R2 (server Core Installation)
Microsoft windows Server 2016 (server Core Installation)
Microsoft windows Server 2019 (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)
Vendors & Products Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012 (server Core Installation)
Microsoft windows Server 2012 R2
Microsoft windows Server 2012 R2 (server Core Installation)
Microsoft windows Server 2016 (server Core Installation)
Microsoft windows Server 2019 (server Core Installation)
Microsoft windows Server 2025 (server Core Installation)
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 09 Jun 2026 17:15:00 +0000

Type Values Removed Values Added
Description Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
Title Secure Boot Security Feature Bypass Vulnerability
First Time appeared Microsoft
Microsoft windows 10 1607
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012
Microsoft windows Server 2012 R2
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
Weaknesses CWE-1329
CPEs cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*
cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_23H2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:*
cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:*
cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft windows 10 1607
Microsoft windows 10 1809
Microsoft windows 10 21h2
Microsoft windows 10 22h2
Microsoft windows 11 23h2
Microsoft windows 11 24h2
Microsoft windows 11 25h2
Microsoft windows 11 26h1
Microsoft windows Server 2012
Microsoft windows Server 2012 R2
Microsoft windows Server 2016
Microsoft windows Server 2019
Microsoft windows Server 2022
Microsoft windows Server 2025
References
Metrics cvssV3_1

{'score': 7.9, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft Windows 10 1607 Windows 10 1809 Windows 10 21h2 Windows 10 21h2 Windows 10 22h2 Windows 10 22h2 Windows 11 23h2 Windows 11 23h2 Windows 11 24h2 Windows 11 24h2 Windows 11 25h2 Windows 11 25h2 Windows 11 26h1 Windows 11 26h1 Windows Server 2012 Windows Server 2012 (server Core Installation) Windows Server 2012 R2 Windows Server 2012 R2 Windows Server 2012 R2 (server Core Installation) Windows Server 2016 Windows Server 2016 (server Core Installation) Windows Server 2019 Windows Server 2019 (server Core Installation) Windows Server 2022 Windows Server 2025 Windows Server 2025 (server Core Installation)
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-06-10T10:23:10.207Z

Reserved: 2026-05-21T20:00:35.245Z

Link: CVE-2026-48573

cve-icon Vulnrichment

Updated: 2026-06-10T10:23:04.995Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-09T17:17:45.833

Modified: 2026-06-09T19:32:51.440

Link: CVE-2026-48573

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-10T11:15:05Z

Weaknesses