Home

CVE-2016-3287

Description

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative access to install a crafted policy, aka Secure Boot Security Feature Bypass.

Risk Information

Base Score
6.2
MODERATE
Vector
CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.166

Associated Vulnerability

VulnerabilityOS Platform
Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1511 for x64-based Systems (KB3172985) - CumulativeWindows
Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1511 (KB3172985) - CumulativeWindows
Secure Boot Security Feature Bypass Vulnerability for Windows 10 for x64-based Systems (KB3163912) - CumulativeWindows
Secure Boot Security Feature Bypass Vulnerability for Windows Server 2012 (KB3172727)Windows
Secure Boot Security Feature Bypass Vulnerability for Windows Server 2012 R2 (KB3172727)Windows
Secure Boot Security Feature Bypass Vulnerability for Windows 8.1 for x64-based Systems (KB3172727)Windows
Secure Boot Security Feature Bypass Vulnerability for Windows 8.1 (KB3172727)Windows
Secure Boot Security Feature Bypass Vulnerability for Windows 10 (KB3163912)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21202Cumulative Update for Windows 10 Version 1511 for x64-based Systems (KB3172985)
PATCH-21201Cumulative Update for Windows 10 Version 1511 (KB3172985)
PATCH-21200Cumulative Update for Windows 10 for x64-based Systems (KB3163912)
PATCH-21190Security Update for Windows Server 2012 (KB3172727)
PATCH-21192Security Update for Windows Server 2012 R2 (KB3172727)
PATCH-21191Security Update for Windows 8.1 for x64-based Systems (KB3172727)
PATCH-21189Security Update for Windows 8.1 (KB3172727)
PATCH-21199Cumulative Update for Windows 10 (KB3163912)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234