Two newly disclosed vulnerabilities in Microsoft’s BitLocker drive encryption feature could allow attackers to bypass encryption safeguards on Windows systems.
Tracked as CVE-2025-55333 and CVE-2025-55338, these flaws involve incomplete comparison logic and configuration weaknesses that may let a local, low-privileged user undermine BitLocker’s protection.
BitLocker is designed to protect data at rest by encrypting entire volumes and requiring authentication factors (such as TPM keys or PINs) before unlocking. Both CVEs target the component that validates encryption policy and key usage rules.
https://gbhackers.com/windows-bitlocker-flaws/