CVE-2016-3320

EUVD-2016-4352
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot manager, aka "Secure Boot Security Feature Bypass."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
microsoftwindows_10
-
microsoftwindows_8.1
-
microsoftwindows_rt_8.1
-
microsoftwindows_server_2012
-
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB3172729
1511 (x64, x86)
KB3172729
Windows 8.1
(x64, x86)
KB3172729
Windows RT 8.1
All
KB3172729
Windows Server 2012
Server Core
KB3172729
Standard
KB3172729
Windows Server 2012 R2
Server Core
KB3172729
Standard
KB3172729
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/92304
http://www.securitytracker.com/id/1036573
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/
http://www.securityfocus.com/bid/92304
http://www.securitytracker.com/id/1036573
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-100
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MVB6Y2TVKSOBTIIBRUAJUIH3LQHMHCAG/