Security Advisory

CVE-2025-4275

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-11 00:25:17

Last updated 2025-08-14 05:58:07

Assigner Insyde

State PUBLISHED

Description

A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot.

← Browse all CVEs View on cve.org ↗