← back
CVE-2026-8863

CVE-2026-8863

CVSS 7.8 HIGHEPSS 0.1%
Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
baramundi software · baramundi Management SuiteBlancco UK · WhiteCanyon WipeDriveFinland Matriculation Board · Abitti 1NTC IT ROSA LLC · RosaLinuxOracle Corporation · OracleLinux(7.2) shimPC-Doctor · Factory for Linux (Bootable Diagnostics)PC-Doctor · Network Factory for Linux (Bootable Diagnostics)PC-Doctor · Service CenterPC-Doctor · Service Center Drive ErasePC-Doctor · Service Center EnterprisePC-Doctor · Service Center JapanSpyrus · WTGCreatorSUSE Linux · OpenSUSE shim

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.cert.org/vuls/id/616257https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8863https://www.kb.cert.org/vuls/id/616257