CVE-2021-28213

Name of the Vulnerable Software and Affected Versions EDK2 (affected versions not specified)

Description The issue is related to an error in the IpSecDxe.efi component of the open-source UEFI EDK2 development environment. This error is associated with pointer dereference mistakes. Exploitation of this issue could allow a remote attacker to access confidential data. There is also a mention of an example EDK2 encrypted private key in the IpSecDxe.efi posing potential security risks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.