CNNVD-202512-1547 Information
Dec 09, 2025
cve
CNNVD ID
CNNVD-202512-1547
Related CVE
- CNNVD Published: 2025-12-09
Description (Chinese)
EDK2是Tianocore社区的一套基于UEFI和PI规范的跨平台固件开发环境。 EDK2存在安全漏洞,该漏洞源于输入验证不当,可能导致任意命令执行。
Description (English)
EDK2 is a set of cross-platform solidware development environments based on UEFI and PI norms in the community of Tianocore. EDK2 has a security loophole, which stems from inappropriate input certification and may lead to arbitrary orders being executed.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
tianocore
Published
2025-12-09
Last Modified
2026-02-24
References
https://github.com/tianocore/edk2/security/advisories/GHSA-6pp6-cm5h-86g5
Patch
https://github.com/tianocore/edk2/releases
Share on: