CVE/CVE-2025-3052: Difference between revisions
< CVE
No edit summary |
No edit summary |
||
| Line 11: | Line 11: | ||
Get-SecureBootUEFI | Get-SecureBootUEFI | ||
https://learn.microsoft.com/en-us/powershell/module/secureboot/get-securebootuefi?view=windowsserver2025-ps | https://learn.microsoft.com/en-us/powershell/module/secureboot/get-securebootuefi?view=windowsserver2025-ps | ||
== Quick Windows Patch Check == | |||
Get-HotFix | Where-Object {$_.HotFixID -match "KB5060*"} | |||
== keywords == | == keywords == | ||
Revision as of 08:16, 15 November 2025
CVE-2025-3052 – UEFI Secure Boot Bypass Vulnerability
What is CVE-2025-3052? CVE-2025-3052 is an arbitrary write vulnerability in UEFI firmware applications signed by Microsoft (e.g., DTBios, BiosFlashShell). It allows attackers to manipulate NVRAM variables and bypass Secure Boot, enabling execution of unauthorized code during system startup.
Check-UEFISecureBootVariables
cjee21/Check-UEFISecureBootVariables: PowerShell scripts to check the UEFI KEK, DB and DBX Secure Boot variables. https://github.com/cjee21/Check-UEFISecureBootVariables
Get-SecureBootUEFI https://learn.microsoft.com/en-us/powershell/module/secureboot/get-securebootuefi?view=windowsserver2025-ps
Quick Windows Patch Check
Get-HotFix | Where-Object {$_.HotFixID -match "KB5060*"}