CVE-2025-3052 — Untrusted Pointer Dereference in Research Biosflashshell

CWE-822 — Untrusted Pointer Dereference8 documents6 sources

Severity

8.2HIGHNVD

EPSS

0.1%

top 78.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

DT Research Biosflashshell DT Research Dtbios Msrc Windows 10 +14 more

Timeline

PublishedJun 10

Latest updateAug 27

Description

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages17 packages

▶msrcmsrc/windows_10

▶CVEListV5dt_research/dtbios12 versions+11

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_server_2019

🔴Vulnerability Details

GHSA

GHSA-q4rv-v64c-3hff: An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software↗2025-06-10

▶

📋Vendor Advisories

Red Hat

vulnerable-uefi-module: Arbitrary write in UEFI module could lead to bypassing Secure Boot↗2025-06-11

▶

Microsoft

Cert CC: CVE-2025-3052 InsydeH2O Secure Boot Bypass↗2025-06-10

▶

🕵️Threat Intelligence

Securelist

Exploits and vulnerabilities in Q2 2025↗2025-08-27

▶

Securelist

Vulnerability landscape analysis for Q2 2025↗2025-08-27

▶

Bleepingcomputer

New Secure Boot flaw lets attackers install bootkit malware, patch now↗2025-06-10

▶

Bleepingcomputer

Microsoft June 2025 Patch Tuesday fixes exploited zero-day, 66 flaws↗2025-06-10

▶