CVE/CVE-2025-3052

CVE-2025-3052 – UEFI Secure Boot Bypass Vulnerability

What is CVE-2025-3052?
CVE-2025-3052 is an arbitrary write vulnerability in UEFI firmware applications signed by Microsoft (e.g., DTBios, BiosFlashShell).  It allows attackers to manipulate NVRAM variables and bypass Secure Boot, enabling execution of unauthorized code during system startup.

Check-UEFISecureBootVariables

cjee21/Check-UEFISecureBootVariables: PowerShell scripts to check the UEFI KEK, DB and DBX Secure Boot variables.
https://github.com/cjee21/Check-UEFISecureBootVariables

Get-SecureBootUEFI
https://learn.microsoft.com/en-us/powershell/module/secureboot/get-securebootuefi?view=windowsserver2025-ps

Quick Windows Patch Check

Get-HotFix | Where-Object {$_.HotFixID -match "KB5060*"}

CVE/CVE-2025-3052

Contents

CVE-2025-3052 – UEFI Secure Boot Bypass Vulnerability

Check-UEFISecureBootVariables

Quick Windows Patch Check

keywords

Navigation menu

CVE/CVE-2025-3052

CVE-2025-3052 – UEFI Secure Boot Bypass Vulnerability

Check-UEFISecureBootVariables

Quick Windows Patch Check

keywords

Navigation menu

Search