59 matches found
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...
Default configuration
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-49721
CVE-2023-49721 describes an insecure default in Ubuntu’s EDK2 firmware where UEFI Shell access was left enabled in LXD, enabling an OS-resident attacker with local access to bypass Secure Boot. Connected documents corroborate a cross-release pattern (Ubuntu edk2 packages) and note remediation in ...
CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
PT-2024-13784 · Canonical · Lxd
Name of the Vulnerable Software and Affected Versions: LXD affected versions not specified Description: The issue is related to an insecure default setting that allows the UEFI Shell in EDK2, which was left enabled in LXD. This setting enables an OS-resident attacker to bypass Secure Boot...
CVE-2023-49721
An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot...
CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
UBUNTU-CVE-2023-48733
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot...
PT-2023-9359 · Edk2 +3 · Edk2 +3
Name of the Vulnerable Software and Affected Versions: EDK2 versions affected versions not specified Description: The issue is related to an insecure default configuration in EDK2 that allows the UEFI Shell to be enabled, potentially permitting an OS-resident attacker to bypass Secure Boot. This...
CHIPSEC - Platform Security Assessment Framework
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware BIOS/UEFI, and platform components. It includes a security test suite, tools for accessing various low level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X and...
BIOS SMI Handler Input Validation Failures - Lenovo Support US
No description provided...
Platform Security Assessment Framework: ChipSec
Platform Security Assessment Framework CHIPSEC is a framework for analyzing security of PC platforms including hardware, system firmware including BIOS/UEFI and the configuration of platform components. It allows creating security test suite, security assessment tools for various low level...