all InfoSec news
VU#309662: Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
Aug. 11, 2022, 7:04 p.m. |
CERT Recently Published Vulnerability Notes kb.cert.org
Overview
A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows bypass of the UEFI Secure Boot feature. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure Boot feature and execute unsigned code during the boot process.
Description
UEFI firmware is software written by vendors in the UEFI ecosystem to provide capabilities in the early start up phases of a computer. Secure Boot is a UEFI standard that can be enabled and used …
More from kb.cert.org / CERT Recently Published Vulnerability Notes
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2 weeks, 1 day ago |
kb.cert.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Cybersecurity Consultant- Governance, Risk, and Compliance team
@ EY | Tel Aviv, IL, 6706703
Professional Services Consultant
@ Zscaler | Escazú, Costa Rica
IT Security Analyst
@ Briggs & Stratton | Wauwatosa, WI, US, 53222
Cloud DevSecOps Engineer - Team Lead
@ Motorola Solutions | Krakow, Poland