CVE-2025-3770

High CVSS: 7.0

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.

Vendor

Product

CWE

CWE-693

Yayın Tarihi

2025-08-07 01:15:25

Güncelleme

2025-08-07 21:26:37

Source Identifier

infosec@edk2.groups.io

KEV Date Added

Kategoriler

CWE-693 HIGH 2025

Referanslar

https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr