Lucene search
+L

485 matches found

Positive Technologies
Positive Technologies
added 2021/03/24 12:0 a.m.3 views

PT-2024-11184 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue occurs when no valid fdt is found, causing initial boot params to be null. This happens when setup arch invokes efi init and then efi get fdt params. To prevent further fdt...

5.5CVSS6.2AI score0.00232EPSS
Exploits0References18
OSV
OSV
added 2021/03/11 4:15 p.m.3 views

CVE-2021-26892

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability...

6.2CVSS6.8AI score0.01062EPSS
Exploits0References2
CVE
CVE
added 2021/03/11 3:42 p.m.87 views

CVE-2021-26892

Technical details about CVE-2021-26892 (affected product, root cause, impact, fixes) are not provided in the connected documents; no public details are included here. Monitor for updates.

6.2CVSS7.4AI score0.01062EPSS
Exploits0References2Affected Software3
Cvelist
Cvelist
added 2021/03/11 3:42 p.m.25 views

CVE-2021-26892 Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

...

6.2CVSS8AI score0.01062EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2021/03/09 8:0 a.m.33 views

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

...

6.2CVSS5.8AI score0.01062EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2021/03/09 12:0 a.m.3 views

PT-2021-2275 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a security feature bypass vulnerability in the Windows Extensible Firmware Interface. This vulnerability allows attackers to bypass existing security restrictions...

6.2CVSS6.5AI score0.01062EPSS
Exploits0References11
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.9 views

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation. A security vulnerability exists in the Windows Extensible Firmware Interface. The following products and editions are affected:Windows 10 Version 1607 for x64-based...

6.2CVSS7.1AI score0.01062EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/02/26 12:0 a.m.9 views

Kaspersky Security Vulnerabilities

Kaspersky module is an application component of the Russian company Kaspersky Kaspersky. It provides antivirus protection. A security vulnerability exists in Kaspersky that allows loading of untrusted UEFI modules due to their insufficient authenticity checks...

6.8CVSS6.9AI score0.00231EPSS
Exploits0References3
OSV
OSV
added 2020/10/16 11:15 p.m.0 views

CVE-2020-16910

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface UEFI location. To exploit this vulnerability, an attacker could run a specially craft...

6.2CVSS6.5AI score0.02787EPSS
Exploits0References1
Prion
Prion
added 2020/10/16 11:15 p.m.15 views

Security feature bypass

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface UEFI location. To exploit this vulnerability, an attacker could run a specially craft...

4.3CVSS6.9AI score0.02787EPSS
Exploits0References1Affected Software2
Positive Technologies
Positive Technologies
added 2020/10/13 12:0 a.m.4 views

PT-2020-4268 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A security feature bypass issue exists due to Windows' failure to handle file creation permissions properly, potentially allowing an attacker to create files in a protected Unified Extensib...

6.2CVSS6AI score0.02787EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2020/10/06 8:33 a.m.200 views

New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild

Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI or Unified Extensible Firmware Interface containing a malicious implant, making it the secon...

9.3CVSS0.1AI score0.95121EPSS
Exploits0
OSV
OSV
added 2020/09/23 1:15 a.m.5 views

CVE-2019-1736

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface UEFI Secure Boot validation checks and load a compromised software image on an affected device. The vulnerability is due to improp...

6.6CVSS6.5AI score0.00247EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2020/07/29 7:40 p.m.6 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2020/07/29 6:31 p.m.7 views

kernel: lockdown: bypass through ACPI write via efivar_ssdt

A flaw was found in how the ACPI table loading through the EFI variable and the related efivarssdt boot option was handled when the Linux kernel was locked down. This flaw allows a root privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerabilit...

6.9CVSS7.1AI score0.00514EPSS
Exploits0References8
CNVD
CNVD
added 2020/07/22 12:0 a.m.3 views

Unspecified vulnerability in Linux kernel (CNVD-2020-52434)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the drivers/firmware/efi/efi.c file in Linux kernel versions prior to 5.4. An attacker can exploit this vulnerability to bypass...

6.9CVSS6.5AI score0.00514EPSS
Exploits0References1
OSV
OSV
added 2020/04/04 12:15 a.m.6 views

CVE-2020-5348

Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFIBOOTSERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability by overwriting the EFIBOOTSERVICES structure to execute arbitrary code in system management mode...

7.8CVSS7.4AI score0.00379EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2020/02/25 2:22 a.m.6 views

reblog

Defeating a Laptop's BIOS Password We found a laptop laying a...

7.8AI score
Exploits0
OSV
OSV
added 2019/11/05 9:15 p.m.5 views

CVE-2019-16284

A potential security vulnerability has been identified in multiple HP products and versions which involves possible execution of arbitrary code during boot services that can result in elevation of privilege. The EFIBOOTSERVICES structure might be overwritten by an attacker to execute arbitrary SM...

7.2CVSS7.4AI score0.01959EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/08/08 12:0 a.m.10 views

The vulnerability of UEFI (BIOS) software on HP workstations allows a hacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of UEFI BIOS software on HP workstations is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information, provided that the TPM module is disabled...

9CVSS5.5AI score0.01236EPSS
Exploits0References3Affected Software4
Rows per page
Query Builder