Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-48733HistoryFeb 14, 2024 - 10:15 p.m.
CVE-2023-48733
2024-02-1422:15:47
Debian Security Bug Tracker
security-tracker.debian.org
16
cve-2023-48733
ubuntu
edk2
uefi shell
secure boot
os-resident attacker
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
15.5%
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu’s EDK2. This allows an OS-resident attacker to bypass Secure Boot.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | edk2 | < 2022.11-6+deb12u1 | edk2_2022.11-6+deb12u1_all.deb |
| Debian | 11 | all | edk2 | < 2020.11-2+deb11u2 | edk2_2020.11-2+deb11u2_all.deb |
| Debian | 999 | all | edk2 | < 2023.11-7 | edk2_2023.11-7_all.deb |
| Debian | 13 | all | edk2 | < 2023.11-7 | edk2_2023.11-7_all.deb |
Related
openvas
openvas
Debian: Security Advisory (DSA-5624-1)
2024-02-15 00:00:00
Debian: Security Advisory (DLA-3852-1)
2024-07-01 00:00:00
Ubuntu: Security Advisory (USN-6638-1)
2024-02-15 00:00:00
cve
cve
CVE-2023-48733
2024-02-14 22:15:47
osv
osv
edk2 - security update
2024-02-14 00:00:00
ovmf-202308-7.1 on GA media
2024-06-15 00:00:00
edk2 - security update
2024-06-30 00:00:00
nessus
nessus
Debian dla-3852 : ovmf - security update
2024-07-01 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : EDK II vulnerabilities (USN-6638-1)
2024-02-15 00:00:00
Debian dsa-5624 : ovmf - security update
2024-02-15 00:00:00
ubuntucve
ubuntucve
CVE-2023-48733
2024-02-14 00:00:00
cvelist
cvelist
CVE-2023-48733
2024-02-14 21:54:08
prion
prion
Default configuration
2024-02-14 22:15:00
nvd
nvd
CVE-2023-48733
2024-02-14 22:15:47
ubuntu
ubuntu
EDK II vulnerabilities
2024-02-15 00:00:00
debian
debian
[SECURITY] [DSA 5624-1] edk2 security update
2024-02-14 20:00:57
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.4
Confidence
High
EPSS
0
Percentile
15.5%
Related for DEBIANCVE:CVE-2023-48733