CVE Catalog

CVE-2026-8863

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

0th percentile - higher than 0% of all known CVEs

Summary

Multiple Microsoft-signed UEFI SHIM bootloaders are vulnerable to Secure Boot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads.

Risk Assessment

The organization may be exposed to the execution of malicious code, potentially leading to data loss and system integrity breaches. Bypassing Secure Boot poses a serious threat to the overall security of the IT infrastructure.

Recommendation

It is recommended to update the UEFI DBX to block these vulnerable bootloaders. Additionally, access to boot processes should be monitored and restricted to minimize risk.

Original NVD description (English source)

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS