Vulnerability Name: | CVE-2016-7247 (CCN-118297) | ||||||||||||
Assigned: | 2016-11-08 | ||||||||||||
Published: | 2016-11-08 | ||||||||||||
Updated: | 2018-10-12 | ||||||||||||
Summary: | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component Vulnerability." | ||||||||||||
CVSS v3 Severity: | 7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) 6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
6.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||
Vulnerability Type: | CWE-284 | ||||||||||||
Vulnerability Consequences: | Bypass Security | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2016-7247 Source: CCN Type: Microsoft Security Bulletin MS16-140 Security Update For Boot Manager (3193479) Source: BID Type: UNKNOWN 94058 Source: CCN Type: BID-94058 Microsoft Windows Boot Manager CVE-2016-7247 Local Security Bypass Vulnerability Source: SECTRACK Type: UNKNOWN 1037255 Source: MS Type: UNKNOWN MS16-140 Source: XF Type: UNKNOWN ms-windows-cve20167247-security-bypass(118297) Source: HP Type: UNKNOWN HPSBGN3552 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
Oval Definitions | |||||||||||||
| |||||||||||||
BACK |