The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems allows a hacker to bypass the UEFI Secure Boot security mechanism.

🗓️ 14 Oct 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

A flaw in Unified Extensible Firmware Interface on Windows could overflow and bypass Secure Boot.

Reporter	Title	Published	Views	Family All 42
Circl	CVE-2024-37976	8 Oct 202417:54	–	circl
CNNVD	Microsoft Windows 输入验证错误漏洞	8 Oct 202400:00	–	cnnvd
CVE	CVE-2024-37976	8 Oct 202417:35	–	cve
Cvelist	CVE-2024-37976 Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability	8 Oct 202417:35	–	cvelist
EUVD	EUVD-2024-37016	3 Oct 202520:07	–	euvd
Microsoft KB	October 8, 2024—KB5044277 (OS Build 17763.6414) - EXPIRED	8 Oct 202414:00	–	mskb
Microsoft KB	October 8, 2024—KB5044280 (OS Build 22000.3260)	8 Oct 202414:00	–	mskb
Microsoft KB	October 8, 2024—KB5044281 (OS Build 20348.2762)	8 Oct 202414:00	–	mskb
Microsoft KB	October 8, 2024—KB5044284 (OS Build 26100.2033)	8 Oct 202414:00	–	mskb
Microsoft KB	October 8, 2024—KB5044285 (OS Builds 22621.4317 and 22631.4317)	8 Oct 202414:00	–	mskb

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37976
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024100924
vuldb	www.vuldb.com/
web	www.web.nvd.nist.gov/view/vuln/detail

14 Oct 2024 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 36.7

CVSS 26.8

EPSS0.00573

Unified Extensible Firmware Windows Systems Secure Boot Overflow Condition Security Bypass