CVE-2025-4275 | THREATINT

Description

A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot.

PUBLISHED Reserved 2025-05-05 | Published 2025-06-11 | Updated 2025-08-14 | Assigner Insyde

HIGH: 7.8CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Problem types

cwe-284: Improper Access Control

Product status

Default status

unknown

Kernel 5.2 (Tag) before 05.2A.16

affected

Kernel 5.3 (Tag) before 05.39.16

affected

Kernel 5.4 (Tag) before 05.47.16

affected

Kernel 5.5 (Tag) before 05.55.16

affected

Kernel 5.6 (Tag) before 05.62.16

affected

Kernel 5.7 (Tag) before 05.71.16

affected

Credits

Thanks to Nikolaj Schlej, independent firmware security researcher, for reporting the vulnerability and engaging in this coordinated disclosure. reporter

References

www.kb.cert.org/vuls/id/211341

www.insyde.com/security-pledge/sa-2025002/

cve.org (CVE-2025-4275)

nvd.nist.gov (CVE-2025-4275)