AI description
CVE-2023-21563 is a vulnerability that allows bypassing Microsoft's BitLocker encryption. The vulnerability, also known as "Bitpixie," stems from the Windows bootloader not properly clearing the encryption key (VMK) from memory after a PXE reboot. The vulnerability can be exploited through a software-based attack in less than five minutes, requiring only brief physical access to the device and a network connection. One method involves using a signed Linux environment to extract the VMK from memory, while another relies on Microsoft-signed components in a modified Windows PE environment. Successful exploitation allows decryption of a BitLocker-protected drive without authentication.
- Description
- BitLocker Security Feature Bypass Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
- Hype score
- Not currently trending
📌 Bitpixie vulnerability (CVE-2023-21563) bypasses BitLocker encryption in minutes, posing a high risk to enterprise data security. #CyberSecurity #BitLocker https://t.co/xeqsrrd8r4 https://t.co/Ooj52BJWd6
@CyberHub_blog
17 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path https://t.co/NszEd70L1r
@xecmac_tech
15 May 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Bitpixie脆弱性(CVE-2023-21563)を使用してBitLockerのボリュームマスターキー(VMK)を5分以下で突破する方法についての解説。Linuxから、あるいはWinPEから実行可能。プリブート認証無しでTPMに依存しているのが悪い。 ht
@__kokumoto
15 May 2025
1912 Impressions
10 Retweets
21 Likes
12 Bookmarks
0 Replies
0 Quotes
BitLockerの重大な脆弱性(CVE-2023-21563)を使用し、ソフトウェアのみで5分以内に暗号化を回避可能な攻撃「Bitpixie」のPoCが公開された。 これは、WindowsのPXEソフトリブート処理中にボリュームマスターキー(VMK)
@yousukezan
15 May 2025
4102 Impressions
12 Retweets
56 Likes
14 Bookmarks
0 Replies
2 Quotes
BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path https://t.co/aIqDA9v4NH
@Dinosn
15 May 2025
11262 Impressions
103 Retweets
284 Likes
136 Bookmarks
0 Replies
3 Quotes
BitLocker Encryption Bypassed in Minutes via Bitpixie (CVE-2023-21563) – PoC Reveals High-Risk Attack Path https://t.co/jnjzgNXasT
@the_yellow_fall
15 May 2025
452 Impressions
7 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
In his latest blog post, Marc Tanner @marcandretanner shows how to bypass BitLocker using BitPixie (CVE-2023-21563) and signed Microsoft components only. Check out the blog post for a PoC and a demo. #BitLocker #redteam https://t.co/lBF1mFzayt https://t.co/z0aTQkTxih
@compasssecurity
13 May 2025
1923 Impressions
12 Retweets
21 Likes
8 Bookmarks
0 Replies
1 Quote
Researchers demonstrated a Windows 11 BitLocker vulnerability, "bitpixie" (CVE-2023-21563), allowing attackers to access encrypted files. Microsoft issued patches, but older bootloaders remain exploitable. https://t.co/G9UW7A2rje
@Teemu_Tiainen
20 Jan 2025
87 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Descubre cómo se puede burlar la encriptación de BitLocker en Windows 11 sin conocer la contraseña, utilizando una vulnerabilidad no resuelta desde 2022. Aprende más sobre la explotación de CVE-2023-21563 y cómo protegerte. Comparte. https://t.co/uDXSfMItKH
@Megabyt79042961
11 Jan 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Major vulnerability in Windows BitLocker encryption (CVE-2023-21563) exposed at Chaos Communication Congress! Attackers can bypass encryption with brief physical access. #WindowsSecurity #BitLocker #Germany #CybersecurityNews link: https://t.co/fH612oQwW6 https://t.co/pu4nbzG
@TweetThreatNews
4 Jan 2025
36 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
BitLockerの脆弱性bitpixie (CVE-2023-21563)、2022年11月に修正済みのはずだったが修正を迂回されてしまう。Chaos Communication Congress (CCC)報告。古いWindowsブートローダーをセキュアブート経由で悪用することで暗号鍵を抽出する手法。 https://t.co/45tjzu3VUY
@__kokumoto
3 Jan 2025
2326 Impressions
13 Retweets
35 Likes
12 Bookmarks
0 Replies
0 Quotes
🚨 Windows BitLocker Vulnerability Alert! 🚨 🔓 At #CCC, researcher Thomas Lambertz revealed "bitpixie" (CVE-2023-21563), a flaw allowing attackers to bypass BitLocker encryption with brief physical access + network connectivity – no tools needed! 🛠️❌ 🖥️ Root cause: outdated…
@GHak2learn27752
3 Jan 2025
1415 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "73D24713-D897-408D-893B-77A61982597D"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "E4150CE0-6A16-4C62-989B-840EF7880C36"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "83C0919F-C4C8-45AE-BDA8-4D88BF0450D5"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "47D30450-851A-4C4E-9116-8CFCE5CFA276"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"vulnerable": true,
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "06BBFA69-94E2-4BAB-AFD3-BC434B11D106"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "C936FD4F-959C-43B8-9917-E2A0DF4A8793"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "DF8ABB14-84CF-4BBC-99C9-DA6C0F7A0619"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
],
"operator": "OR"
}
]
}
]