Qualcomm Fastboot UEFI Vulnerabilities - Lenovo Support US

No description provided...

CVE-2025-35991

Improper initialization in the UEFI firmware for some Intel platforms within Ring 0: Bare Metal OS may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

Intel UEFI Reference Firmware May 2026 Security Update

Intel has informed HP of a potential security vulnerability in UEFI for some Intel Reference Platforms which might allow information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

CVE-2025-20105

Improper input validation in some UEFI firmware SMM module for the IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local...

EUVD-2025-208551

Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-20073

Improper buffer restrictions in the UEFI DXE module for some IntelR Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local...

CVE-2025-20068

Improper input validation in the UEFI ImcErrorHandler module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via...

CVE-2025-20027

Improper input validation in the UEFI WheaERST module for some IntelR reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local...

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves them susceptible to early-boot direct memory access DMA attacks across architectures that implement a Unified Extensible Firmware Interface UEFI and...

CVE-2021-39300

Potential vulnerabilities have been identified in UEFI firmware BIOS for some PC products which may allow escalation of privilege and arbitrary code execution...

Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

By leveraging Microsoft Security Copilot to expedite the vulnerability discovery process, Microsoft Threat Intelligence uncovered several vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on Unified Extensible Firmware Interface UEFI Secure Boot as well ...

The vulnerability of the UEFI loading mode of the BIOS microprogramming system on Intel Server Board M20NTP allows a hacker to enhance their privileges.

The vulnerability of the UEFI boot mode of the BIOS microprogramming system on Intel Server Board M20NTP is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the UEFI Firmware component of Intel microprogramming systems, related to writing beyond the buffer boundaries, allows attackers to enhance their privileges.

The vulnerability of the UEFI Firmware component of Intel microprocessors is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems allows a hacker to bypass the UEFI Secure Boot security mechanism.

The vulnerability of the Resume Extensible Firmware Interface in Microsoft Windows operating systems is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to bypass the UEFI Secure Boot security mechanism...

Huawei PC Manager 安全漏洞

Huawei PC Manager is a computer management application from Huawei China. An Access Control Error vulnerability exists in Huawei PC Manager, which stems from improper interface access control, and can be exploited by an attacker to launch a UEFI shell and cause a memory leak...

Security Bulletin: Denial of service vulnerability affects IBM Unified Extensible Firmware Interface (CVE-2017-5703)

Summary IBM System x, Flex and BladeCenter systems have addressed the following denial of service vulnerability in Unified Extensible Firmware Interface UEFI. Vulnerability Details CVEID: CVE-2017-5703 DESCRIPTION: Multiple Intel platforms are vulnerable to a denial of service, caused by the...

Dell BIOS 输入验证错误漏洞

Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell USA. Dell BIOS has an input validation error vulnerability that stems from incorrect input validation. An attacker could exploit this vulnerability to modify UEFI variables...

The vulnerability in the open-source development environment for UEFI EDK2, related to uncontrolled recursion, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of open-source development environments for UEFI EDK2 is related to uncontrolled recursion. Exploiting this vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures...

多款Acer产品缓冲区错误漏洞

Acer Aspire Series is a line of servers from Acer China. The security vulnerability in Acer products stems from the presence of a stack buffer overflow vulnerability, which could lead to the execution of arbitrary code in the UEFI DXE driver on certain Acer products. An attacker could elevate...

PT-2022-4227 · Hewlett Packard · Hp Pc

Name of the Vulnerable Software and Affected Versions: HP PC products affected versions not specified Description: The issue is related to potential vulnerabilities in the system BIOS of certain HP PC products. These vulnerabilities might allow arbitrary code execution, escalation of privilege,...