CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-3052: An arbitrary write vulnerability in Microsoft signed UEFI firmware from DT Research Inc.

Description

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

Classification

CVE ID: CVE-2025-3052

Problem Types

CWE-123: Write-what-where Condition

Affected Products

Vendor: DT Research

Product: BiosFlashShell, Dtbios

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.02% (probability of being exploited)

EPSS Percentile: 2.14% (scored less or equal to compared to others)

EPSS Date: 2025-06-16 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: poc

SSVC Technical Impact: total

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-3052
https://uefi.org/specs/UEFI/2.10/32_Secure_Boot_and_Driver_Signing.html
https://www.binarly.io/advisories/brly-dva-2025-001

Timeline

2025-06-10 21:01:05 UTC
BleepingComputer

New Secure Boot flaw lets attackers install bootkit malware, patch now
2025-06-10 22:40:13 UTC
CVE

An arbitrary write vulnerability in Microsoft signed UEFI firmware from DT Research Inc.