CVE-2008-3893

CVSS 5.5 MEDIUMEPSS 1.5%CWE-200

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.5EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

03 Sep 2008Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer during boot, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/31619 http://www.ivizsecurity.com/security-advisory-iviz-sr-0801.html