{"vulnerability": "CVE-2022-41099", "sightings": [{"uuid": "8b6a8f07-84ba-4597-a8d4-d37db6a1b854", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41099", "type": "published-proof-of-concept", "source": "https://t.me/RedTeamFeed/38", "content": "CVE-2022-41099 - Analysis of a BitLocker Drive Encryption Bypass\n#itm4n\n\nIn November 2022, an advisory was published by Microsoft about a BitLocker bypass. This vulnerability caught my attention because the fix required a manual operation by users and system administrators, even after installing all the security updates. Couple this with the fact that the procedure was not well documented initially, and you have the perfect recipe for disaster. This is typically th...\n\nvia Itm4n Blog (author: itm4n)", "creation_timestamp": "2023-09-09T11:14:03.000000Z"}, {"uuid": "1e7ec537-0c7c-4a7d-9073-b20febef9b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41099", "type": "seen", "source": "https://t.me/cKure/10811", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Microsoft shares script to fix WinRE BitLocker bypass flaw.\n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41099\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-shares-script-to-fix-winre-bitlocker-bypass-flaw/", "creation_timestamp": "2023-03-19T07:05:22.000000Z"}, {"uuid": "0b7e1586-54e9-40a6-a217-38ca0f8bb187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41099", "type": "published-proof-of-concept", "source": "https://t.me/RedTeamFeed/77", "content": "A Deep Dive into TPM-based BitLocker Drive Encryption\n#itm4n\n\nWhen I investigated CVE-2022-41099, a BitLocker Drive Encryption bypass through the Windows Recovery Environment (WinRE), the fact that the latter was able to transparently access an encrypted drive without requiring the recovery password struck me. My initial thought was that there had to be a way to reproduce this behavior and obtain the master key from the Recovery Environment (WinRE). The o...\n\nvia Itm4n Blog (author: itm4n)", "creation_timestamp": "2023-10-14T12:17:03.000000Z"}, {"uuid": "1753e443-bc60-405a-aae0-dd2c78121f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41099", "type": "published-proof-of-concept", "source": "Telegram/ayNhhaciXe1fsjFFcsSlUSKQ6y7latiLTWsf0lshNdzB95s", "content": "", "creation_timestamp": "2023-08-27T17:11:25.000000Z"}, {"uuid": "b3383167-e329-4f7b-85f6-c4efddaf338e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41099", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8958", "content": "#Threat_Research\n1. Analysis of a BitLocker Drive Encryption Bypass (CVE-2022-41099)\nhttps://blog.scrt.ch/2023/08/14/cve-2022-41099-analysis-of-a-bitlocker-drive-encryption-bypass\n2. What is a \"good\" Linux Kernel bug?\nhttps://blog.isosceles.com/what-is-a-good-linux-kernel-bug", "creation_timestamp": "2023-09-03T21:54:51.000000Z"}]}