CVE Catalog

CVE-2026-50507

MediumCVSS 6.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Very high risk
5.01%

91th percentile - higher than 91% of all known CVEs

Summary

Missing authentication for a critical function in Windows BitLocker allows an unauthorized attacker to bypass a security feature through a physical attack.

Risk Assessment

The organization faces a risk of data confidentiality breach on BitLocker-enabled devices, as an attacker with physical access can bypass protections without knowledge of the password or recovery key.

Recommendation

It is recommended to immediately apply security patches from Microsoft for Windows and consider additional physical security measures such as port locks or hardware encryption.

Original NVD description (English source)

Missing authentication for critical function in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS