CVE-2019-14575
Description
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.061
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20160408.ffea0a2c-2ubuntu0.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) ovmf_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi_0~20160408.ffea0a2c-2ubuntu0.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-arm_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-arm_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-aarch64_0~20180205.c0d9813c-2ubuntu0.2_all.deb | Linux |
| UEFI firmware for 64-bit x86 virtual machines (USN-4349-1) qemu-efi-aarch64_0~20190606.20d2e5a1-2ubuntu1.1_all.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234