Back

New BitUnlocker Attack Compromises Windows 11 Disk Encryption in Minutes

Severity: High (Score: 69.8)

Sources: Cybersecuritynews, Gbhackers

Summary

A new downgrade attack, dubbed BitUnlocker, has been identified, allowing attackers with physical access to Windows 11 machines to bypass BitLocker disk encryption in under 5 minutes. This attack exploits CVE-2025-48804, a critical vulnerability first documented by the Microsoft STORM team in July 2025. The flaw arises from a gap in how Secure Boot interacts with legacy systems, enabling unauthorized decryption of protected volumes. The first public proof-of-concept for this exploit was released on April 30, 2026. Organizations using Windows 11 should be aware of this vulnerability and take necessary precautions to secure their systems. The attack poses a significant risk to data confidentiality for users who rely on BitLocker for encryption. Immediate action is recommended for those with physical access to their devices. Key Points: • BitUnlocker attack allows decryption of Windows 11 BitLocker volumes in under 5 minutes. • Exploits CVE-2025-48804, a critical vulnerability related to Secure Boot and legacy systems. • First public proof-of-concept was released on April 30, 2026.

Key Entities

  • Zero-day Exploit (attack_type)
  • CVE-2025-48804 (cve)
  • BitLocker (platform)
  • Windows (platform)
  • Windows 11 (platform)
  • BitUnlocker (tool)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed