A critical vulnerability in Windows BitLocker, identified as CVE-2025-21210, has exposed the encryption mechanism to a novel randomization attack targeting the AES-XTS encryption mode.

This vulnerability allows attackers with physical access to manipulate ciphertext blocks, causing sensitive data to be written to disk in plaintext. The flaw underscores the evolving sophistication of attacks against full-disk encryption systems.