PatchSiren cyber security CVE debrief
CVE-2026-48570 Microsoft CVE debrief
CVE-2026-48570 is a protection mechanism failure in Windows Secure Boot, enabling an authorized attacker to bypass a security feature locally. The vulnerability has a CVSS score of 7.9 and is classified as HIGH severity. It was published on 2026-06-09T17:17:45.657Z and modified on 2026-06-10T17:17:05.100Z.
- Vendor
- Microsoft
- Product
- Windows 10 Version 1607
- CVSS
- HIGH 7.9
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-09
- Original CVE updated
- 2026-06-10
- Advisory published
- 2026-06-09
- Advisory updated
- 2026-06-10
Who should care
Administrators and users of affected Microsoft Windows versions should prioritize patching this vulnerability to prevent potential local attacks.
Technical summary
The vulnerability exists in various versions of Microsoft Windows, including Windows 10, Windows 11, and Windows Server. An authorized attacker can exploit this vulnerability to bypass a security feature locally. The Common Vulnerability Scoring System (CVSS) vector is CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N.
Defensive priority
High
Recommended defensive actions
- Apply patches from Microsoft as soon as possible [ref-4].
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide comprehensive information about the vulnerability.
Official resources
-
CVE-2026-48570 CVE record
CVE.org
-
CVE-2026-48570 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
CVE-2026-48570 was published on 2026-06-09T17:17:45.657Z and modified on 2026-06-10T17:17:05.100Z.