CVE-2020-0689

Description

A security feature bypass vulnerability exists in secure boot, aka Microsoft Secure Boot Security Feature Bypass Vulnerability.

Risk Information

Base Score

7.7

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:F/RL:O/RC:C

EPSS Score

Exploitation Probability

0.132

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 8.1 for x86-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 8.1 for x64-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server 2012 for x64-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB4502496)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1903 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server, version 1909 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1709 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server 2016 (1803) for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1803 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server 2016 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1703 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1903 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server 2019 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1803 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1709 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1909 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1809 (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows Server, version 1903 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1703 for x64-based Systems (KB4524244)	Windows
Microsoft Secure Boot Security Feature Bypass Vulnerability for Windows 10 Version 1607 (KB4524244)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-28373	2020-02 Security Update for Windows 8.1 for x86-based Systems (KB4502496)
PATCH-28374	2020-02 Security Update for Windows 10 Version 1507 for x86-based Systems (KB4502496)
PATCH-28375	2020-02 Security Update for Windows 8.1 for x64-based Systems (KB4502496)
PATCH-28376	2020-02 Security Update for Windows Server 2012 for x64-based Systems (KB4502496)
PATCH-28377	2020-02 Security Update for Windows 10 Version 1507 for x64-based Systems (KB4502496)
PATCH-28378	2020-02 Security Update for Windows Server 2012 R2 for x64-based Systems (KB4502496)
PATCH-28440	Security Update for Windows 10 Version 1903 (KB4524244)
PATCH-28441	Security Update for Windows Server, version 1909 for x64-based Systems (KB4524244)
PATCH-28442	Security Update for Windows 10 Version 1709 for x64-based Systems (KB4524244)
PATCH-28443	Security Update for Windows 10 Version 1809 for x64-based Systems (KB4524244)
PATCH-28444	Security Update for Windows Server 2016 (1803) for x64-based Systems (KB4524244)
PATCH-28445	Security Update for Windows 10 Version 1803 (KB4524244)
PATCH-28446	Security Update for Windows Server 2016 for x64-based Systems (KB4524244)
PATCH-28447	Security Update for Windows 10 Version 1909 for x64-based Systems (KB4524244)
PATCH-28448	Security Update for Windows 10 Version 1703 (KB4524244)
PATCH-28449	Security Update for Windows 10 Version 1903 for x64-based Systems (KB4524244)
PATCH-28450	Security Update for Windows Server 2019 for x64-based Systems (KB4524244)
PATCH-28451	Security Update for Windows 10 Version 1803 for x64-based Systems (KB4524244)
PATCH-28452	Security Update for Windows 10 Version 1709 (KB4524244)
PATCH-28453	Security Update for Windows 10 Version 1909 (KB4524244)
PATCH-28454	Security Update for Windows 10 Version 1809 (KB4524244)
PATCH-28455	Security Update for Windows 10 Version 1607 for x64-based Systems (KB4524244)
PATCH-28456	Security Update for Windows Server, version 1903 for x64-based Systems (KB4524244)
PATCH-28457	Security Update for Windows 10 Version 1703 for x64-based Systems (KB4524244)
PATCH-28458	Security Update for Windows 10 Version 1607 (KB4524244)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234