CVE-2025-3052

Name of the Vulnerable Software and Affected Versions: Microsoft UEFI firmware versions prior to June 2025.

Description: A vulnerability exists in Microsoft-signed UEFI firmware that allows for the execution of untrusted software due to an arbitrary write flaw. This allows an attacker to control values, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploitation could enable security bypasses, persistence mechanisms, or full system compromise. This vulnerability, tracked as CVE-2025-3052, affects systems trusting Microsoft's UEFI CA 2011 certificate and has been actively exploited. The vulnerability involves a signed UEFI module that reads unvalidated user-writable NVRAM variables, enabling attackers to disable Secure Boot and install bootkit malware.

Recommendations: Update your UEFI firmware to the latest version available from your device manufacturer. Ensure that Secure Boot is enabled after applying the update.