{"uuid": "2dd13f79-5516-4ca2-9333-b698d470afd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-50661", "type": "seen", "source": "https://gist.github.com/alon710/241fe7f4e9eb231b7e18efd4dc0b5fdd", "content": "# CVE-2026-50661: CVE-2026-50661: Windows BitLocker Security Feature Bypass\n\n&gt; **CVSS Score:** 6.1\n&gt; **Published:** 2026-07-14\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-50661\n\n## Summary\nCVE-2026-50661 is a security feature bypass vulnerability in Microsoft Windows BitLocker full-disk encryption. A physical attacker can exploit this flaw to bypass encryption controls, permitting unauthorized access to sensitive local storage and the modification of offline system configurations.\n\n## TL;DR\nA physical security feature bypass in Windows BitLocker allows physical attackers to decrypt system drives and manipulate configurations by exploiting weak pre-boot verification and automatic TPM key release mechanisms.\n\n## Technical Details\n\n- **CWE ID**: CWE-693 (Protection Mechanism Failure)\n- **Attack Vector**: Physical (AV:P)\n- **CVSS v3.1 Score**: 6.1 (Medium)\n- **EPSS Score**: Not Available\n- **Exploit Status**: None (No Public PoC)\n- **CISA KEV Status**: Not Listed\n- **Primary Impact**: Loss of Confidentiality &amp; Integrity\n\n## Affected Systems\n\n- Windows 10\n- Windows 11\n- Windows Server 2016\n- Windows Server 2019\n- Windows Server 2022\n- Windows Server 2025\n- **Windows 10 Version 22H2**: &lt; 10.0.19045.7548 (Fixed in: `10.0.19045.7548`)\n- **Windows 11 Version 24H2**: &lt; 10.0.26100.8875 (Fixed in: `10.0.26100.8875`)\n- **Windows Server 2025**: &lt; 10.0.26100.33158 (Fixed in: `10.0.26100.33158`)\n\n## Mitigation\n\n- Enforce pre-boot PIN or Password authentication\n- Apply July 2026 cumulative security updates\n- Enable Kernel DMA Protection in BIOS/UEFI\n- Disable Windows Recovery Environment (WinRE) if appropriate\n\n**Remediation Steps:**\n1. Apply Microsoft security updates for your specific Windows OS build\n2. Enable pre-boot PIN requirement via Group Policy or MDM\n3. Run 'reagentc /disable' to block unauthenticated recovery console access\n4. Verify Kernel DMA Protection is active in system settings\n\n## References\n\n- [Microsoft Security Response Center (MSRC) Advisory](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50661)\n- [CVE.org Official Record](https://www.cve.org/CVERecord?id=CVE-2026-50661)\n- [Wiz Vulnerability Database Overview](https://www.wiz.io/vulnerability-database/cve/cve-2026-50661)\n- [Shodan Query](https://www.shodan.io/search?query=CVE-2026-50661)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-50661) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-15T10:31:10.623306Z"}