Is Windows Server 2012 affected by EUVD-2026-22455?

CVE-2026-27913 is a critical BitLocker bypass affecting Windows Server 2012-2022 that allows attackers with physical device access to decrypt protected disks without authentication, posing significant risk to organizations with sensitive data on servers in vulnerable locations or subject to theft.

EUVD-2026-22455

| CVE-2026-27913 HIGH

2026-04-14 microsoft

Authentication Bypass Microsoft Windows Server 2012 Windows Server 2012 Server Core Installation Windows Server 2012 R2 Windows Server 2012 R2 Server Core Installation Windows Server 2016 Windows Server 2016 Server Core Installation Windows Server 2019 Windows Server 2019 Server Core Installation Windows Server 2022 Windows Server 2022 23H2 Edition Server Core Installation

7.7

CVSS 3.1

Temporal: 6.7

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Lifecycle Timeline

Analysis Generated

Apr 14, 2026 - 19:29 vuln.today

DescriptionNVD

Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

AnalysisAI

BitLocker encryption bypass in Windows Server 2012 through 2022 enables local attackers with physical access to circumvent disk encryption protections without authentication. The vulnerability affects all Server Core and standard editions across ten years of Windows Server releases. …

RemediationAI

Within 24 hours: Inventory all Windows Server 2012-2022 deployments and identify systems in high-risk physical locations (data centers with loose access controls, remote sites, or with elevated insider threat concern). Within 7 days: Apply Microsoft patch MSRC-2026-27913 to all affected Windows Server instances, prioritizing Tier 1 systems and those handling classified or sensitive data. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-22455 vulnerability details – vuln.today

Back

EUVD-2026-22455

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code