CVE-2016-3320

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot manager, aka "Secure Boot Security Feature Bypass."

Published: Aug 9, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-3320
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-254

Affected Software
References

Software	From	Fixed in
microsoft / windows_server_2012	r2	r2.x
microsoft / windows_10	1511	1511.x
fedoraproject / fedora	25	25.x

http://www.securityfocus.com/bid/92304
http://www.securitytracker.com/id/1036573
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100
https://lists.fedoraproject.org/archives/list/[email protected]/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/

Vulnerability Database

289,697

CVE-2016-3320