Description
Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally. | |
| Title | Windows Boot Loader Security Feature Bypass Vulnerability | |
| First Time appeared |
Microsoft
Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows 11 26h1 Microsoft windows Server 2012 Microsoft windows Server 2012 R2 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 |
|
| Weaknesses | CWE-325 | |
| CPEs | cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:* cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_25H2:*:*:*:*:*:*:arm64:* cpe:2.3:o:microsoft:windows_11_26H1:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2012:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2012_R2:*:*:*:*:*:*:x64:* cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft windows 10 1809 Microsoft windows 10 21h2 Microsoft windows 10 22h2 Microsoft windows 11 24h2 Microsoft windows 11 25h2 Microsoft windows 11 26h1 Microsoft windows Server 2012 Microsoft windows Server 2012 R2 Microsoft windows Server 2016 Microsoft windows Server 2019 Microsoft windows Server 2022 Microsoft windows Server 2025 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
Microsoft
Subscribe
Windows 10 1809
Subscribe
Windows 10 21h2
Subscribe
Windows 10 22h2
Subscribe
Windows 11 24h2
Subscribe
Windows 11 25h2
Subscribe
Windows 11 26h1
Subscribe
Windows Server 2012
Subscribe
Windows Server 2012 R2
Subscribe
Windows Server 2016
Subscribe
Windows Server 2019
Subscribe
Windows Server 2022
Subscribe
Windows Server 2025
Subscribe
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T18:45:28.374Z
Reserved: 2026-07-01T21:14:44.618Z
Link: CVE-2026-58638
No data.
No data.
No data.
OpenCVE Enrichment
No data.
Weaknesses