Search criteria

1 vulnerability found for WTGCreator by Spyrus

CVE-2026-8863 (GCVE-0-2026-8863)

Vulnerability from cvelistv5 – Published: 2026-06-09 18:10 – Updated: 2026-06-10 15:16
VLAI?
Title
CVE-2026-8863
Summary
Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.
CWE
  • CWE-347 - Improper Verification of Cryptographic Signature
  • CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
Impacted products
Vendor Product Version
Oracle Corporation OracleLinux(7.2) shim Affected: 0.9
Create a notification for this product.
Credits
Thanks to Martin Smolar of ESET for discovering and reporting this vulnerability
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2026-8863",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-09T19:03:03.811729Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-09T19:03:21.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2026-06-09T19:41:27.054Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.kb.cert.org/vuls/id/616257"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OracleLinux(7.2) shim",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "0.9"
            }
          ]
        },
        {
          "product": "Service Center Enterprise",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "17.0.7536.900",
              "status": "affected",
              "version": "14",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Service Center Drive Erase",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "17.0.7538.592",
              "status": "affected",
              "version": "15",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Service Center Japan",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "17.0.7539.904",
              "status": "affected",
              "version": "15",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Service Center",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "17.0.7535.900",
              "status": "affected",
              "version": "14",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Network Factory for Linux (Bootable Diagnostics)",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "6.20.7711.267",
              "status": "affected",
              "version": "6.9",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory for Linux (Bootable Diagnostics)",
          "vendor": "PC-Doctor",
          "versions": [
            {
              "lessThanOrEqual": "6.20.7710.267",
              "status": "affected",
              "version": "6.9",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "WTGCreator",
          "vendor": "Spyrus",
          "versions": [
            {
              "status": "affected",
              "version": "4.2"
            }
          ]
        },
        {
          "product": "WhiteCanyon WipeDrive",
          "vendor": "Blancco UK",
          "versions": [
            {
              "lessThanOrEqual": "8.1.3",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "baramundi Management Suite",
          "vendor": "baramundi software",
          "versions": [
            {
              "lessThanOrEqual": "2024R1",
              "status": "affected",
              "version": "*",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "OpenSUSE shim",
          "vendor": "SUSE Linux",
          "versions": [
            {
              "status": "affected",
              "version": "0.9"
            }
          ]
        },
        {
          "product": "Abitti 1",
          "vendor": "Finland Matriculation Board",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.0"
            }
          ]
        },
        {
          "product": "RosaLinux",
          "vendor": "NTC IT ROSA LLC",
          "versions": [
            {
              "status": "affected",
              "version": "R9"
            }
          ]
        },
        {
          "product": "RosaLinux",
          "vendor": "NTC IT ROSA LLC",
          "versions": [
            {
              "status": "affected",
              "version": "R10"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Thanks to Martin Smolar of ESET for discovering and reporting this vulnerability"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-347: Improper Verification of Cryptographic Signature",
              "lang": "en"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "CWE-354: Improper Validation of Integrity Check Value",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-10T15:16:35.228Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "Microsoft Vendor Security Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863"
        },
        {
          "name": "CERT/CC Vulnerability Notice",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://kb.cert.org/vuls/id/616257"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "CVE-2026-8863",
      "x_generator": {
        "engine": "VINCE 3.0.42",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2026-8863"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2026-8863",
    "datePublished": "2026-06-09T18:10:15.426Z",
    "dateReserved": "2026-05-18T19:41:10.790Z",
    "dateUpdated": "2026-06-10T15:16:35.228Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}