Recovery Environment Agent
by Windows
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-20928 | Med | 0.30 | 4.6 | 0.00 | Apr 14, 2026 | Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2021-43239 | 0.00 | — | 0.01 | Dec 15, 2021 | Windows Recovery Environment Agent Elevation of Privilege Vulnerability |
- risk 0.30cvss 4.6epss 0.00
Improper removal of sensitive information before storage or transfer in Windows Recovery Environment Agent allows an unauthorized attacker to bypass a security feature with a physical attack.
- CVE-2021-43239Dec 15, 2021risk 0.00cvss —epss 0.01
Windows Recovery Environment Agent Elevation of Privilege Vulnerability