vulnerability

Red Hat: CVE-2019-11098: edk2: Insufficient input validation in MdeModulePkg may lead to privilege escalation

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:N/C:P/I:P/A:P)	Jul 14, 2021	Jul 9, 2025	Jul 9, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:P/A:P)

Published

Jul 14, 2021

Added

Jul 9, 2025

Modified

Jul 9, 2025

Description

Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

Solution

no-fix-redhat-rpm-package

References

NVD-CVE-2019-11098

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today