Security Feature Bypass Vulnerability in Windows Boot Loader by Microsoft
CVE-2026-58638

6MEDIUM

What is CVE-2026-58638?

A missing cryptographic step in the Windows Boot Loader allows an authorized attacker to locally bypass a crucial security feature, posing a significant risk to system integrity. This vulnerability highlights the need for stringent security measures within system boot processes to prevent unauthorized access and potential exploitation.

Affected Version(s)

Windows 10 Version 1809 32-bit Systems 10.0.17763.0 < 10.0.17763.9020

Windows 10 Version 21H2 32-bit Systems 10.0.19044.0 < 10.0.19044.7548

Windows 10 Version 22H2 32-bit Systems 10.0.19045.0 < 10.0.19045.7548

References

CVSS V3.1

Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.