PT-2025-20696 · Microsoft · Uefi+1

Published: 2025-05-12 · Updated: 2026-03-18 · CVE-2025-3052

CVSS v3.1: 8.2 (High) · AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Microsoft UEFI firmware versions prior to June 2025

Description: An arbitrary write vulnerability exists in Microsoft-signed UEFI firmware and allows the execution of untrusted software. An attacker who controls the input values can trigger arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploitation could enable security bypasses, persistence mechanisms, or full system compromise. The vulnerability, tracked as CVE-2025-3052, affects systems that trust Microsoft's UEFI CA 2011 certificate. It involves a signed UEFI module that reads unvalidated, user-writable NVRAM variables, enabling attackers to bypass Secure Boot and run unsigned code before the operating system loads. This issue has been actively exploited.

Recommendations: Update systems to the latest version available before June 2025.
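As an added illustration of the bug class described above (a constructed example, not code from this advisory or from any vendor firmware): a signed module reads a parameter block from an NVRAM variable that the operating system can write, takes a destination from it and writes through it unchecked, while the hardened handler beside it refuses variables carrying EFI_VARIABLE_RUNTIME_ACCESS, requires the exact size, and confines the write to its own region. The variable layout, the handler names and the simulated firmware memory are assumptions; only the attribute bit values come from the UEFI specification.

```c
#include <stdint.h>
#include <string.h>

/* UEFI variable attribute bits (values as defined in the UEFI specification). */
#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x2
#define EFI_VARIABLE_RUNTIME_ACCESS     0x4   /* set => the OS can read/write the variable */

/* Constructed stand-in for firmware RAM. The module is only meant to touch its
 * own scratch area; a sensitive setting lives elsewhere in the same memory. */
static uint8_t fw_mem[256];
#define SCRATCH_SIZE             64
#define SENSITIVE_SETTING_OFFSET 200

/* Assumed parameter block the module expects to find in the NVRAM variable. */
typedef struct { uint64_t dest_offset; uint64_t value; } param_block;

/* Constructed stand-in for what gRT->GetVariable() would hand back. */
typedef struct { uint32_t attrs; uint64_t size; const void *data; } nvram_var;

/* Vulnerable pattern: the destination comes straight from the variable and is
 * never validated, so whoever can write the variable gets an arbitrary write. */
int vulnerable_handler(const nvram_var *v) {
    param_block p;
    if (v->size < sizeof p) return -1;
    memcpy(&p, v->data, sizeof p);
    fw_mem[p.dest_offset] = (uint8_t)p.value;
    return 0;
}

/* Hardened pattern: refuse input the OS can modify, require the exact size,
 * and confine the write to the module's own scratch area. */
int hardened_handler(const nvram_var *v) {
    param_block p;
    if (v->attrs & EFI_VARIABLE_RUNTIME_ACCESS) return -2;  /* user-writable: untrusted */
    if (v->size != sizeof p) return -1;
    memcpy(&p, v->data, sizeof p);
    if (p.dest_offset >= SCRATCH_SIZE) return -3;          /* outside allowed region */
    fw_mem[p.dest_offset] = (uint8_t)p.value;
    return 0;
}

/* Helper so the effect of each handler can be inspected. */
uint8_t read_fw(uint64_t off) { return off < sizeof fw_mem ? fw_mem[off] : 0; }

int main(void) {
    /* Constructed OS-writable variable whose destination is the sensitive setting. */
    param_block blk = { SENSITIVE_SETTING_OFFSET, 1 };
    nvram_var var = { EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, sizeof blk, &blk };
    return vulnerable_handler(&var) == 0 && hardened_handler(&var) == -2 ? 0 : 1;
}
```

The same mitigation applies to any pointer, offset or size a firmware module takes from a variable that is not protected against runtime writes.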

Fix

Weakness Enumeration: Untrusted Pointer Dereference

Related Identifiers: BDU:2025-06727, CVE-2025-3052

Affected Products: Uefi, Windows