vulnerability
Red Hat: CVE-2019-14575: edk2: DxeImageVerificationHandler() fails open in case of dbx signature check
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Nov 23, 2020 | Jul 9, 2025 | Jul 9, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Nov 23, 2020
Added
Jul 9, 2025
Modified
Jul 9, 2025
Description
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
Solution
no-fix-redhat-rpm-package
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.