CVE-2026-8863

Summary

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the operating system loads. Specific UEFI DBX update is required to block these vulnerable boot loaders.

Affected Software

VendorProductVersion RangeStatus
Oracle CorporationOracleLinux(7.2) shim0.9affected
PC-DoctorService Center Enterprise14 <= 17.0.7536.900affected
PC-DoctorService Center Drive Erase15 <= 17.0.7538.592affected
PC-DoctorService Center Japan15 <= 17.0.7539.904affected
PC-DoctorService Center14 <= 17.0.7535.900affected
PC-DoctorNetwork Factory for Linux (Bootable Diagnostics)6.9 <= 6.20.7711.267affected
PC-DoctorFactory for Linux (Bootable Diagnostics)6.9 <= 6.20.7710.267affected
SpyrusWTGCreator4.2affected
Blancco UKWhiteCanyon WipeDrive8.0.0 <= 8.1.3affected
baramundi softwarebaramundi Management Suite* <= 2024R1affected
SUSE LinuxOpenSUSE shim0.9affected
Finland Matriculation BoardAbitti 11.0.0affected
NTC IT ROSA LLCRosaLinuxR9affected
NTC IT ROSA LLCRosaLinuxR10affected

Weaknesses

  • CWE-347: Improper Verification of Cryptographic Signature
  • CWE-354: Improper Validation of Integrity Check Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References