Severity by source
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
Lifecycle Timeline
3DescriptionCVE.org
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.
AnalysisAI
Security feature bypass in Microsoft Windows Boot Manager enables an authorized local attacker with high privileges to defeat a protection mechanism during the boot process, with scope change extending impact beyond the initial security boundary. The flaw carries a CVSS 7.9 rating reflecting high confidentiality and integrity impact, and no public exploit identified at time of analysis. The scope-changed nature suggests the bypass undermines a trust boundary such as Secure Boot or BitLocker pre-boot integrity.
Technical ContextAI
Windows Boot Manager (bootmgr/bootmgfw.efi) is the UEFI/BIOS-stage component that loads the Windows kernel and enforces pre-OS security guarantees including Secure Boot signature validation, BitLocker volume unlock decisions, and Measured Boot TPM attestation. CWE-693 (Protection Mechanism Failure) indicates that a designed security control either fails to activate, can be circumvented, or is incorrectly enforced - in boot-stage code this commonly maps to weaknesses in signature verification logic, policy parsing, or trusted variable handling that allow an attacker to subvert the chain of trust before the OS kernel and its defenses load.
RemediationAI
Patch status: Patch available per vendor advisory - administrators should apply the Microsoft security update referenced at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47656 on the next Patch Tuesday cycle for all affected Windows builds, ensuring the update propagates to bootmgr/bootmgfw.efi on the EFI system partition. Because boot-manager fixes historically require revoking previously-signed binaries, administrators should also plan for the eventual Secure Boot DBX (forbidden signature database) update that Microsoft typically stages separately; deploying it too eagerly without verifying updated bootloaders are in place on all volumes (including recovery partitions and bootable USB media) can render systems unbootable. As a compensating control prior to patching, restrict local administrative access using LAPS and tiered admin models so that the PR:H precondition cannot be met by ordinary users, and enable BitLocker with TPM+PIN so that any tampering with the boot manager forces a recovery-key prompt that signals compromise; the trade-off is added user friction at boot.
Same weakness CWE-693 – Protection Mechanism Failure
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-35582
GHSA-jqmx-x9xp-cx7q