Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-3052

Опубликовано: 10 июн. 2025
Источник: nvd
CVSS3: 8.2
EPSS Низкий

Описание

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

Ссылки

EPSS

Процентиль: 2%
0.00016
Низкий

8.2 High

CVSS3

Дефекты

Связанные уязвимости

redhat логотип

CVE-2025-3052

redhat
8 дней назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

msrc логотип

CVE-2025-3052

CVSS3: 6.7
msrc
9 дней назад

Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass

github логотип

GHSA-q4rv-v64c-3hff

CVSS3: 8.2
github
9 дней назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

fstec логотип

BDU:2025-06727

CVSS3: 8.2
fstec
9 дней назад

Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код

EPSS

Процентиль: 2%
0.00016
Низкий

8.2 High

CVSS3

Дефекты