SC Media reports that threat actors could leverage the new medium-severity Windows BitLocker tool vulnerability, tracked as CVE-2025-21210, to facilitate a new randomization attack aimed at the AES-XTS encryption mode, indicating the emergence of increasingly advanced intrusions against full-disk encryption systems.
While AES-XTS encryption prevents direct data block compromise even with physical access to hard drives, exploitation of the newly discovered flaw could enable tweaking of pages, or ciphertext blocks, resulting in the leak of sensitive data without direct decryption, said Jason Soroko, senior fellow at Sectigo.
"The real danger is that this method doesn't require breaking the encryption directly," said Soroko. "Instead, it manipulates how the encrypted data is handled, allowing attackers to bypass security measures and access sensitive information."
Soroko urged teams to implement updated encryption software, limit physical device access, and impose stringent systems monitoring for potential tampering activities.