1 results (0.001 seconds)

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

An insecure default to allow UEFI Shell in EDK2 was left enabled in LXD. This allows an OS-resident attacker to bypass Secure Boot. Un valor predeterminado inseguro para permitir UEFI Shell en EDK2 se dejó habilitado en LXD. Esto permite que un atacante residente en el sistema operativo omita el arranque seguro. • https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139 https://nvd.nist.gov/vuln/detail/CVE-2023-48733 https://www.openwall.com/lists/oss-security/2024/02/14/4 • CWE-276: Incorrect Default Permissions •