Improper Enforcement of Behavioral Workflow

CVE-2025-55330

Medium

6.1/10

Summary

Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-841 - Improper Enforcement of Behavioral Workflow

The software supports a session in which more than one behavior must be performed by an actor, but it does not properly ensure that the actor performs the behaviors in the required sequence.

References

Advisory Timeline

Published Oct 14, 2025

Improper Enforcement of Behavioral Workflow

CVE-2025-55330

Summary

CWE-841 - Improper Enforcement of Behavioral Workflow

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS