
We found results for “”
CVE-2025-3770
Good to know:

Date: August 6, 2025
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.
Severity Score
Severity Score
Weakness Type (CWE)
Protection Mechanism Failure
CWE-693Top Fix

Upgrade Version
Upgrade to version https://github.com/tianocore/edk2.git - null
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | HIGH |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |