EDK2 OVMF Secure Boot Bypass Vulnerability Allowing Arbitrary Command Execution

Vulnerability

A vulnerability in the EDK2 OVMF package prior to version 202502 allows the Secure Boot mechanism to be bypassed in direct boot mode (the path used when the hypervisor hands the firmware a kernel image directly rather than booting from a disk). With Secure Boot enabled, DxeImageVerification checks the Linux kernel's signature before the image is loaded. If the signature is not recognized, DxeImageVerification returns an access-denied status; instead of treating that status as a fatal error, the direct boot path falls back to the legacy loader, which loads the kernel without any signature check. The Secure Boot policy is therefore enforced and then silently discarded. An attacker who can supply the kernel image handed to the firmware can use this to alter the boot control flow and execute arbitrary code in the guest.
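The fail-open pattern described above, reduced to a small C model (added here as an illustration; this is not edk2's code, and the status codes, image descriptor and loader names are simplified stand-ins rather than the real UEFI or OvmfPkg definitions). The vulnerable routine falls back to the legacy loader on any load failure, including a Secure Boot denial; the hardened routine fails closed on a security status and only permits the legacy path when Secure Boot is off.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified status codes modelled on UEFI's, not the edk2 definitions. */
typedef enum {
  STATUS_SUCCESS = 0,
  STATUS_ACCESS_DENIED,       /* image verification refused the image */
  STATUS_SECURITY_VIOLATION,  /* image loaded but policy forbids starting it */
  STATUS_UNSUPPORTED,         /* not a PE/COFF image the verified loader can handle */
  STATUS_LOAD_ERROR
} STATUS;

typedef enum { LOADER_NONE = 0, LOADER_PE_VERIFIED, LOADER_LEGACY } LOADER_PATH;

/* Constructed kernel image descriptor (hypothetical). The real verifier parses
 * the PE/COFF Authenticode signature; here the outcome is precomputed. */
typedef struct {
  bool is_pe;         /* PE/COFF image with an EFI stub vs. a raw bzImage */
  bool signature_ok;  /* signature chains to a trusted db entry */
} KERNEL_IMAGE;

typedef struct {
  bool secure_boot_enabled;
} PLATFORM;

/* Stand-in for LoadImage() passing through the image verification handler. */
static STATUS LoadImageVerified(const PLATFORM *p, const KERNEL_IMAGE *img) {
  if (!img->is_pe) {
    return STATUS_UNSUPPORTED;
  }
  if (p->secure_boot_enabled && !img->signature_ok) {
    return STATUS_ACCESS_DENIED;
  }
  return STATUS_SUCCESS;
}

/* Vulnerable pattern: every failure of the verified loader, including a
 * Secure Boot denial, is treated as "not a PE image" and sent to the legacy
 * loader, which performs no signature check. */
LOADER_PATH DirectBootVulnerable(const PLATFORM *p, const KERNEL_IMAGE *img) {
  STATUS st = LoadImageVerified(p, img);
  if (st == STATUS_SUCCESS) {
    return LOADER_PE_VERIFIED;
  }
  return LOADER_LEGACY;  /* BUG: fallback does not distinguish why loading failed */
}

/* Hardened pattern: a security status aborts the boot outright, and the
 * unverified legacy path is reachable only when Secure Boot is disabled. */
LOADER_PATH DirectBootHardened(const PLATFORM *p, const KERNEL_IMAGE *img) {
  STATUS st = LoadImageVerified(p, img);
  switch (st) {
    case STATUS_SUCCESS:
      return LOADER_PE_VERIFIED;
    case STATUS_ACCESS_DENIED:
    case STATUS_SECURITY_VIOLATION:
      return LOADER_NONE;  /* fail closed: policy said no */
    default:
      return p->secure_boot_enabled ? LOADER_NONE : LOADER_LEGACY;
  }
}

static const char *PathName(LOADER_PATH lp) {
  return lp == LOADER_PE_VERIFIED ? "verified PE loader"
       : lp == LOADER_LEGACY      ? "legacy loader (unverified)"
                                  : "boot refused";
}

int main(void) {
  /* Constructed scenarios: Secure Boot on, kernel image with an untrusted signature. */
  PLATFORM sb_on = { .secure_boot_enabled = true };
  KERNEL_IMAGE unsigned_pe = { .is_pe = true, .signature_ok = false };
  KERNEL_IMAGE raw_bzimage = { .is_pe = false, .signature_ok = false };

  printf("unsigned PE, SB on : vulnerable=%s | hardened=%s\n",
         PathName(DirectBootVulnerable(&sb_on, &unsigned_pe)),
         PathName(DirectBootHardened(&sb_on, &unsigned_pe)));
  printf("raw bzImage, SB on : vulnerable=%s | hardened=%s\n",
         PathName(DirectBootVulnerable(&sb_on, &raw_bzimage)),
         PathName(DirectBootHardened(&sb_on, &raw_bzimage)));
  return 0;
}
```

The point the model isolates is the status-code handling after the verified loader fails: a denial from image verification carries a policy decision, and any fallback that does not inspect the reason for failure turns that decision into a no-op.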

Impact

Exploitation of this vulnerability bypasses Secure Boot on the affected direct boot path, allowing an unsigned or otherwise unauthorized kernel to run at boot time with full control of the guest, before any operating-system-level protections are in place.

Remediation

Upgrade to EDK2 OVMF version 202505 or later. Until the firmware is updated, Secure Boot should not be relied on for guests started in direct boot mode, since that is the path on which the check is bypassed.

Added: Dec 9, 2025, 8:32 PM
Updated: Dec 9, 2025, 8:32 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 7.5
exploitability: 2.8
remediation: 7.7
relevance: 1.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.