CVE-2023-21563
Description
BitLocker Security Feature Bypass Vulnerability
Risk Information
Base Score
6.8
MODERATE
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.675
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 22H2 for x86-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 22H2 for x64-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 21H2 for x86-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 21H2 for x64-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB5022282) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5022286) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5022286) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB5022286) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 for ARM64-based Systems (KB5022287) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 for x64-based Systems (KB5022287) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x64-based Systems (KB5022289) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2016 for x64-based Systems (KB5022289) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1607 for x86-based Systems (KB5022289) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Microsoft server operating system version 21H2 for x64-based Systems (KB5022291) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x64-based Systems (KB5022297) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 10 Version 1507 for x86-based Systems (KB5022297) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 Version 22H2 for x64-based Systems (KB5022303) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 Version 22H2 for ARM64-based Systems (KB5022303) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB5022338) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB5022338) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 7 for x86-based Systems (KB5022338) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB5022339) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB5022339) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 7 for x86-based Systems (KB5022339) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB5022343) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB5022346) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB5022346) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5022346) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2012 for x64-based Systems (KB5022348) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows Server 2012 R2 for x64-based Systems (KB5022352) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 8.1 for x86-based Systems (KB5022352) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 8.1 for x64-based Systems (KB5022352) | Windows |
| Remote Procedure Call Runtime Denial of Service Vulnerability for Windows Server 2008 for x86-based Systems (KB5022340) (ESU) | Windows |
| Remote Procedure Call Runtime Denial of Service Vulnerability for Windows Server 2008 for x64-based Systems (KB5022340) (ESU) | Windows |
| Remote Procedure Call Runtime Denial of Service Vulnerability for Windows Server 2008 for x64-based Systems (KB5022353) (ESU) | Windows |
| Remote Procedure Call Runtime Denial of Service Vulnerability for Windows Server 2008 for x86-based Systems (KB5022353) (ESU) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 for ARM64-based Systems (KB5022287) (CVE-2023-21674) | Windows |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability for Windows 11 Version 22H2 for ARM64-based Systems (KB5022303) (CVE-2023-21674) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-35445 | 2023-01 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35446 | 2023-01 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35447 | 2023-01 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35448 | 2023-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35449 | 2023-01 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35450 | 2023-01 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5022282) (CVE-2023-21674) |
| PATCH-35456 | 2023-01 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5022286) (CVE-2023-21674) |
| PATCH-35457 | 2023-01 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5022286) (CVE-2023-21674) |
| PATCH-35458 | 2023-01 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5022286) (CVE-2023-21674) |
| PATCH-35452 | 2023-01 Cumulative Update for Windows 11 for x64-based Systems (KB5022287) (CVE-2023-21674) |
| PATCH-35440 | 2023-01 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5022289) (CVE-2023-21674) |
| PATCH-35441 | 2023-01 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5022289) (CVE-2023-21674) |
| PATCH-35442 | 2023-01 Cumulative Update for Windows 10 Version 1607 for x86-based Systems (KB5022289) (CVE-2023-21674) |
| PATCH-35453 | 2023-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5022291) (CVE-2023-21674) |
| PATCH-35443 | 2023-01 Cumulative Update for Windows 10 Version 1507 for x64-based Systems (KB5022297) (CVE-2023-21674) |
| PATCH-35444 | 2023-01 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5022297) (CVE-2023-21674) |
| PATCH-35454 | 2023-01 Cumulative Update for Windows 11 Version 22H2 for x64-based Systems (KB5022303) (CVE-2023-21674) |
| PATCH-35463 | 2023-01 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB5022338) (ESU) |
| PATCH-35464 | 2023-01 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB5022338) (ESU) |
| PATCH-35465 | 2023-01 Security Monthly Quality Rollup for Windows 7 for x86-based Systems (KB5022338) (ESU) |
| PATCH-35435 | 2023-01 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB5022339) (ESU) |
| PATCH-35436 | 2023-01 Security Only Quality Update for Windows 7 for x64-based Systems (KB5022339) (ESU) |
| PATCH-35437 | 2023-01 Security Only Quality Update for Windows 7 for x86-based Systems (KB5022339) (ESU) |
| PATCH-35434 | 2023-01 Security Only Quality Update for Windows Server 2012 for x64-based Systems (KB5022343) |
| PATCH-35431 | 2023-01 Security Only Quality Update for Windows 8.1 for x86-based Systems (KB5022346) (CVE-2023-21674) |
| PATCH-35432 | 2023-01 Security Only Quality Update for Windows 8.1 for x64-based Systems (KB5022346) (CVE-2023-21674) |
| PATCH-35433 | 2023-01 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB5022346) (CVE-2023-21674) |
| PATCH-35462 | 2023-01 Security Monthly Quality Rollup for Windows Server 2012 for x64-based Systems (KB5022348) |
| PATCH-35459 | 2023-01 Security Monthly Quality Rollup for Windows Server 2012 R2 for x64-based Systems (KB5022352) (CVE-2023-21674) |
| PATCH-35460 | 2023-01 Security Monthly Quality Rollup for Windows 8.1 for x86-based Systems (KB5022352) (CVE-2023-21674) |
| PATCH-35461 | 2023-01 Security Monthly Quality Rollup for Windows 8.1 for x64-based Systems (KB5022352) (CVE-2023-21674) |
| PATCH-35466 | 2023-01 Security Monthly Quality Rollup for Windows Server 2008 for x86-based Systems (KB5022340) (ESU) |
| PATCH-35467 | 2023-01 Security Monthly Quality Rollup for Windows Server 2008 for x64-based Systems (KB5022340) (ESU) |
| PATCH-35438 | 2023-01 Security Only Quality Update for Windows Server 2008 for x64-based Systems (KB5022353) (ESU) |
| PATCH-35439 | 2023-01 Security Only Quality Update for Windows Server 2008 for x86-based Systems (KB5022353) (ESU) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234