CVE-2025-3770

high

Description

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.

References

https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr

Details

Source: Mitre, NVD

Published: 2025-08-07

Updated: 2025-08-07

Risk Information

CVSS v2

Base Score: 6

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00018

Detections

Analytics