If you actually read his github you would know that there is a different version of the responsible component between the recovery environment and an installation. Only the RE has the issue.

I know. It was mentioned in the article. It’s precisely why I said:

Another possibility is that they have two separate builds fro BitLocker, and the one used in WinRE is vulnerable which they missed.