FeedVulnerabilityNew BitUnlocker Downgrade Attack on Windows 11 Allows Access...
VulnerabilityCyber Security News
6.8HIGH

New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks Within 5 Minutes

📅 12 May 2026 at 04:12 UTC📰 Cyber Security NewsView original source ↗

A new tool, BitUnlocker, reveals a practical downgrade attack against Microsoft’s BitLocker encryption, allowing attackers with physical access to decrypt protected volumes on patched Windows 11 machines in under 5 minutes by exploiting a crucial gap between patching and certificate revocation. The attack is rooted in CVE-2025-48804, one of four critical zero-day vulnerabilities discovered by […] The post New BitUnlocker Downgrade Attack on Windows 11 Allows Access to Encrypted Disks Within 5 Minutes appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A new downgrade attack, BitUnlocker, exploits CVE-2025-48804 in Windows 11 to bypass BitLocker encryption, allowing attackers to access encrypted disks within 5 minutes with physical access.

⚙️Technical Details
CVEs
CVE-2025-48804
Affected Systems
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2
Attack Vectors
PHYSICAL
💥Impact Assessment
Severity: CRITICAL
Who Is at Risk
Users with physical access to patched Windows 11 machines
🛡️Recommended Actions
1Apply the latest security patches for Windows 10 and Windows 11
2Use a secure boot process to prevent unauthorized access
3Implement additional security measures, such as encryption keys management
📦Affected Products
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2Microsoft Windows 11 22H2Microsoft Windows 11 23H2Microsoft Windows 11 24H2Microsoft Windows Server 2012Microsoft Windows Server 2016
🔐NVD Verified DataVERIFIED
CVE-2025-48804CVSS 6.8MEDIUM
Attack Vector
PHYSICAL
Complexity
LOW
Vector String
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses
CWE-349
Affected Products (CPE)
Microsoft Windows 10 1507Microsoft Windows 10 1607Microsoft Windows 10 1809Microsoft Windows 10 21H2Microsoft Windows 10 22H2

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed