AI description
CVE-2023-24932 is a Secure Boot bypass vulnerability found in the Windows Boot Manager. This flaw allows an attacker with administrative privileges or physical access to a device to circumvent Secure Boot protections. The vulnerability is often exploited by replacing a modern, secure bootloader with an older, vulnerable version that is still recognized as trusted by the system. By exploiting this vulnerability, attackers can execute untrusted software during the boot process, potentially establishing persistence at the firmware level. This can allow them to bypass security mechanisms such as BitLocker and traditional antivirus solutions. The vulnerability has been notably associated with the BlackLotus UEFI bootkit.
- Description
- Secure Boot Security Feature Bypass Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.7
- Impact score
- 5.9
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- NVD-CWE-noinfo
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-863
- Hype score
- Not currently trending
Put together a full BPMN process diagram for the Secure Boot 2026 certificate deployment. Four lanes: Assessment, BIOS Updates, Phase 1 (certificate deployment), Phase 2 (revocation + SVN enforcement). This is what the complete CVE-2023-24932 remediation looks like end to end. h
@kaidja
22 Mar 2026
1945 Impressions
8 Retweets
24 Likes
20 Bookmarks
0 Replies
0 Quotes
Just completed the full CVE-2023-24932 remediation on an enterprise Lenovo device. All four mitigations done. FirmwareSVN: 7.0. Compliant. Here is what most people do not know: the Intune Settings Catalog policy and Microsoft's 2026 Secure Boot playbook only cover mitigations ht
@kaidja
22 Mar 2026
4611 Impressions
18 Retweets
57 Likes
67 Bookmarks
0 Replies
0 Quotes
前に検証が中途半端になってたやつの検証終わったので、自動処理スクリプトもついでに公開 再起動を跨いで自律完走するセキュアブート(CVE-2023-24932)自動更新スクリプトの実装|はちくわ https://t.co/yBwh97vQu6
@8chikuwa3
4 Mar 2026
507 Impressions
2 Retweets
6 Likes
2 Bookmarks
2 Replies
0 Quotes
Cybersecurity alert! Protect your system from the Black Lotus vulnerability (CVE-2023-24932) targeting Secure Boot. Here's what admins need to know to safeguard their devices. Don’t wait until it’s too late. Act now #CyberSecurity #InfoSec #CVE2023 https://t.co/29RYguGLBm
@cheinyeanlim
23 Mar 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2023-24932
@transilienceai
25 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2023-24932
@transilienceai
24 Feb 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Patch Tuesday and no update on the enforcement date for KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932 Still waiting.. #Windows11 #Windows10 https://t.co/mrwQ3xlBYp
@ccmexec
14 Jan 2025
2828 Impressions
9 Retweets
21 Likes
6 Bookmarks
2 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0855C3A7-36C3-4398-9208-1FC8A02F40D0",
"versionEndExcluding": "10.0.10240.19926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAB00F09-4CCF-4AB6-85CE-07298A21C1D9",
"versionEndExcluding": "10.0.14393.5921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF1C808-45D2-4C43-81F0-0E3DC697A31A",
"versionEndExcluding": "10.0.17763.4377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B7C959F-A277-4B18-B7D8-6CC8A5D01469",
"versionEndExcluding": "10.0.19042.2965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DB7F7A-A2CA-462C-A75C-A6739899C14B",
"versionEndExcluding": "10.0.19044.2965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7450AB6-B09E-4C37-82FD-274675C0F8AF",
"versionEndExcluding": "10.0.19045.2965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7E42EF0F-F78C-49E8-BC26-09AF1C0730E0",
"versionEndExcluding": "10.0.22000.1936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8267EF4-E3E6-4FA1-8090-965AE770B313",
"versionEndExcluding": "10.0.22000.1702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]