CVE-2025-2296
Un-verified kernel bypass Secure Boot mechanism in direct boot mode
EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and Availability.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L
Productos afectados
TianoCore · EDK2¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →