PT-2025-32242 · Edk2+4 · Edk2+4

Christopher Domas

Published

2025-08-06

Updated

2025-11-28

CVE-2025-3770

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EDK2 (affected versions not specified)

Description EDK2 contains a vulnerability in BIOS that may allow an attacker to cause a “Protection Mechanism Failure” with local access. Successful exploitation of this issue could lead to arbitrary code execution, impacting confidentiality, integrity, and availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Protection Mechanism Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-693

Related Identifiers

AZL-66108

AZL-66119

AZL-66122

BDU:2025-12585

CVE-2025-3770

GHSA-VX5V-4GG6-6QXR

OESA-2025-2298

OESA-2025-2299

OESA-2025-2300

OESA-2025-2386

OESA-2025-2387

OESA-2025-2388

USN-7894-1

USN-7894-2

Affected Products

Debian

Edk2

Linuxmint

Red Os

Ubuntu

PT-2025-32242 · Edk2+4 · Edk2+4

CVE-2025-3770

Weakness Enumeration

Related Identifiers

Affected Products

References · 71