CVE-2025-55338

Published Oct 14, 2025

Last updated 14 days ago

CVSS medium 6.1
Windows BitLocker

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-55338 is a security feature bypass vulnerability affecting Windows BitLocker. Microsoft addressed this vulnerability as part of their October 2025 Patch Tuesday updates. Successful exploitation of this vulnerability could allow an attacker to bypass security features.

Description: Missing Ability to Patch ROM Code in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
Source: secure@microsoft.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 5.2
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Severity: MEDIUM
