CVE-2025-3052 – Microsoft UEFI Firmware Arbitrary Write Vulnerability

June 10, 2025

CVE ID : CVE-2025-3052

Published : June 10, 2025, 8:15 p.m. | 1 hour, 33 minutes ago

Description : An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.

Severity: 8.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49133 – Libtpms TPM 2.0 OOB Read Vulnerability

Next Article CVE-2025-36852 – Amazon S3/Google Cloud Storage Remote Cache Artifact Injection Vulnerability

Highlights

CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

May 11, 2025

CVE ID : CVE-2025-4536

Published : May 11, 2025, 9:15 a.m. | 3 hours, 12 minutes ago

Description : A vulnerability has been found in Gosuncn Technology Group Audio-Visual Integrated Management Platform 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /sysmgr/user/listByPage. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Top 15 Enterprise Use Cases That Justify Hiring Node.js Developers in 2025

The Core Model: Start FROM The Answer, Not WITH The Solution

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Understanding the code modernization conundrum

Not just YouTube: Google is using AI to guess your age based on your activity – everywhere

Malicious extensions can use ChatGPT to steal your personal data – here’s how

What Zuckerberg’s ‘personal superintelligence’ sales pitch leaves out

This handy NordVPN tool flags scam calls on Android – even before you answer

Route Optimization through Laravel’s Shallow Resource Architecture

Route Optimization through Laravel’s Shallow Resource Architecture

This Week in Laravel: Laracon News, Free Laravel Idea, and Claude Code Course

Everything We Know About Pest 4

FOSS Weekly #25.31: Kernel 6.16, OpenMandriva Review, Conky Customization, System Monitoring and More

FOSS Weekly #25.31: Kernel 6.16, OpenMandriva Review, Conky Customization, System Monitoring and More

Windows 11’s MSN Widgets board now opens in default browser, such as Chrome (EU only)

Microsoft’s new “move to Windows 11” campaign implies buying OneDrive paid plan

CVE-2025-3052 – Microsoft UEFI Firmware Arbitrary Write Vulnerability

The hidden risks of browser extensions – and how to stay safe

Minnesota National Guard Deployed After Major Cyberattack on St. Paul City Systems

Sony WH-1000XM6 vs. Bose QuietComfort Ultra: Which headphones should you buy?

Microsoft yanks its Movies & TV store, ending a 19-year video experiment

Top FMovies Alternatives: 2025 List to Stream Movies & Shows

CVE-2025-30949 – Telegram Guru Team Site Chat Object Injection Vulnerability

CVE-2025-4536 – Gosuncn Technology Group Audio-Visual Integrated Management Platform Remote Information Disclosure

CVE-2025-5854 – “Tenda AC6 Buffer Overflow Vulnerability”

4 features on Windows 11 exclusive to Europe that Microsoft should make global

CVE-2024-55466 – ThingsBoard Image Gallery Remote Code Execution

CVE-2025-3052 – Microsoft UEFI Firmware Arbitrary Write Vulnerability

Related Posts