Logo
Retour à la veille

CVE-2026-8863

Publié : 9 juin 2026
Modifié : 9 juin 2026
Lien officiel NVD
Score CVSS
7.8
HIGH

Description détaillée

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Références et Patchs

https://kb.cert.org/vuls/id/616257https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863

Dernières Vulnérabilités

CVE-2026-6445

A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.

VOIR DÉTAILS

CVE-2026-6444

A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges.

VOIR DÉTAILS

CVE-2026-48306

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

VOIR DÉTAILS