Описание
A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.
Ссылки
EPSS
6.4 Medium
CVSS3
Дефекты
Связанные уязвимости
A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.
A vulnerability related to the use an insecure Platform Key (PK) has been discovered. An attacker with the compromised PK private key can create malicious UEFI software that is signed with a trusted key that has been compromised.
Уязвимость микропрограммного обеспечения UEFI (BIOS), связанная с возможностью использования жёстко закодированных ключей платформы, позволяющая нарушителю выполнить произвольный код до загрузки операционной системы
EPSS
6.4 Medium
CVSS3