An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Aug 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Canonical
Canonical lxd Debian Debian debian Linux Tianocore Tianocore edk2 |
|
CPEs | cpe:2.3:a:canonical:lxd:5.0:candidate:*:*:*:*:*:* cpe:2.3:a:canonical:lxd:5.21:candidate:*:*:*:*:*:* cpe:2.3:a:canonical:lxd:5.21:edge:*:*:*:*:*:* cpe:2.3:a:tianocore:edk2:*:-:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Canonical
Canonical lxd Debian Debian debian Linux Tianocore Tianocore edk2 |
Thu, 08 May 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-1188 | |
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: canonical
Published:
Updated: 2025-05-08T15:18:23.545Z
Reserved: 2023-12-05T19:36:34.710Z
Link: CVE-2023-48733

Updated: 2024-08-02T21:37:54.670Z

Status : Analyzed
Published: 2024-02-14T22:15:47.320
Modified: 2025-08-26T17:19:40.457
Link: CVE-2023-48733

No data.

No data.