FeedVulnerabilityNew BitUnlocker Downgrade Attack on Windows 11 Allows Access...
VulnerabilityCyber Security News
6.8HIGH

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

📅 12 May 2026 at 04:12 UTC📰 Cyber Security NewsView original source ↗
New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes

A new tool, BitUnlocker, reveals a practical downgrade attack against Microsoft’s BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate revocation. The attack is rooted in CVE-2025-48804, one of four critical zero-day vulnerabilities discovered by […] The post New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks in 5 Minutes appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A new BitUnlocker tool exploits CVE-2025-48804, a critical zero-day vulnerability in Windows BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes.

⚙️Technical Details
CVEs
CVE-2025-48804
Affected Systems
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2
Attack Vectors
PHYSICAL
💥Impact Assessment
Severity: CRITICAL
🛡️Recommended Actions
1Apply the latest security patches to all affected systems immediately.
2Implement additional physical access controls, such as secure boot mechanisms or Trusted Platform Modules (TPMs).
3Conduct regular vulnerability assessments and penetration testing to identify potential weaknesses.
📦Affected Products
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2Microsoft Windows 11 22H2Microsoft Windows 11 23H2Microsoft Windows 11 24H2Microsoft Windows Server 2012Microsoft Windows Server 2016
🔐NVD Verified DataVERIFIED
CVE-2025-48804CVSS 6.8MEDIUM
Attack Vector
PHYSICAL
Complexity
LOW
Vector String
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-349
Affected Products (CPE)
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed