Skip to main content

Windows UEFI CVE-2026-45656

| EUVDEUVD-2026-35696 HIGH
Protection Mechanism Failure (CWE-693)
2026-06-09 secure@microsoft.com GHSA-44jf-fmcv-xp6f
7.8
CVSS 3.1 · NVD
Temporal: 6.8
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CIRCL (temporal)
6.8 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jun 09, 2026 - 18:01 vuln.today
CVE Published
Jun 09, 2026 - 17:17 nvd
HIGH 7.8

DescriptionNVD

Protection mechanism failure in Windows UEFI allows an authorized attacker to bypass a security feature locally.

AnalysisAI

Security feature bypass in Windows UEFI allows an authenticated local attacker with low privileges to circumvent a protection mechanism, resulting in high confidentiality, integrity, and availability impact on the host. The flaw is rooted in CWE-693 (Protection Mechanism Failure) within the Windows UEFI firmware layer, and Microsoft (secure@microsoft.com) is the reporting CNA. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Technical ContextAI

UEFI (Unified Extensible Firmware Interface) is the pre-boot firmware environment that initializes hardware and hands control to the operating system loader; on Windows systems it underpins Secure Boot, BitLocker measurement, and the early boot trust chain. CWE-693 (Protection Mechanism Failure) indicates that an existing security control in the UEFI implementation is bypassed or rendered ineffective rather than missing entirely - typical examples in this class include flaws that defeat Secure Boot, variable write protection, SMM lockdown, or Boot Guard. No CPE strings were provided in the input, so the exact affected Windows builds and firmware components must be confirmed via the Microsoft Security Update Guide entry referenced by NVD.

RemediationAI

Apply the Microsoft security update referenced in the MSRC advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45656 as soon as it is published for your Windows edition; patch available per vendor advisory, though no specific fixed build number is provided in the input data, so consult that advisory for the exact KB and any firmware/UEFI capsule updates that must accompany the OS patch. As compensating controls while patching is staged, restrict local interactive and administrative access on affected hosts since exploitation requires PR:L local privileges (trade-off: tighter local admin controls may impede support workflows), enable and monitor Secure Boot and measured boot attestation via tools such as Microsoft Defender for Endpoint or Azure Attestation to detect bypass attempts (trade-off: attestation will flag legitimate firmware changes), and keep BitLocker enabled with TPM+PIN where feasible so that a firmware-level security bypass does not trivially lead to offline data exposure (trade-off: TPM+PIN adds boot friction for end users).

Share

CVE-2026-45656 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy