exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2025-3052

около 2 месяцев назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

EPSS: Низкий

CVE-2025-3052

2 месяца назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

CVSS3: 8.2

EPSS: Низкий

CVE-2025-3052

2 месяца назад

Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass

CVSS3: 6.7

EPSS: Низкий

GHSA-q4rv-v64c-3hff

2 месяца назад

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

CVSS3: 8.2

EPSS: Низкий

BDU:2025-06727

2 месяца назад

Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код

CVSS3: 8.2

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-3052 An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.		0% Низкий	около 2 месяцев назад
CVE-2025-3052 An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.	CVSS3: 8.2	0% Низкий	2 месяца назад
CVE-2025-3052 Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass	CVSS3: 6.7	0% Низкий	2 месяца назад
GHSA-q4rv-v64c-3hff An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.	CVSS3: 8.2	0% Низкий	2 месяца назад
BDU:2025-06727 Уязвимость реализации протокола безопасной загрузки Secure Boot операционной системы Windows, позволяющая нарушителю обойти существующие ограничения безопасности и выполнить произвольный код	CVSS3: 8.2	0% Низкий	2 месяца назад

Уязвимостей на страницу