exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-3052

5 месяцев назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

EPSS: Низкий

CVE-2025-3052

5 месяцев назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

CVSS3: 8.2

EPSS: Низкий

CVE-2025-3052

5 месяцев назад

Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass

CVSS3: 6.7

EPSS: Низкий

GHSA-q4rv-v64c-3hff

5 месяцев назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

CVSS3: 8.2

EPSS: Низкий

BDU:2025-06727

5 месяцев назад

Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код

CVSS3: 8.2

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-3052 An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.		0% Низкий	5 месяцев назад
CVE-2025-3052 An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.	CVSS3: 8.2	0% Низкий	5 месяцев назад
CVE-2025-3052 Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass	CVSS3: 6.7	0% Низкий	5 месяцев назад
GHSA-q4rv-v64c-3hff An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.	CVSS3: 8.2	0% Низкий	5 месяцев назад
BDU:2025-06727 Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код	CVSS3: 8.2	0% Низкий	5 месяцев назад

Уязвимостей на страницу