AI description
CVE-2025-3052 is an arbitrary write vulnerability found in Microsoft signed UEFI firmware. It allows for the execution of untrusted software by enabling an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. This vulnerability stems from improper handling of a runtime NVRAM variable, allowing an arbitrary write primitive. Successful exploitation could bypass Secure Boot, enabling attackers to run unsigned code during the boot process and potentially install bootkits, undermining OS-level security defenses and compromising the system's chain of trust. Microsoft has addressed this vulnerability by adding new hashes to the Secure Boot dbx as a mitigation measure.
- Description
- An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability could enable security bypasses, persistence mechanisms, or full system compromise.
- Source
- cret@cert.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.2
- Impact score
- 6
- Exploitability score
- 1.5
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2014-0160 2 - CVE-2025-3052 3 - CVE-2024-27867 4 - CVE-2025-0802 5 - CVE-2025-54135 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
3 Aug 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 GÜNCELLEME DUYURUSU – Lenovo UEFI/BIOS Güvenlik Açığı (Secure Boot Bypass - CVE-2025-3052) Lenovo’nun masaüstü bilgisayar ve All-in-One sistemlerinde kullanılan Insyde tabanlı UEFI firmware bileşenlerinde, işletim sistemi başlamadan önce Secure Boot kontrol
@GMDestekMerkezi
31 Jul 2025
27 Impressions
1 Retweet
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 A new flaw in Windows 11's Secure Boot means your device might be more open than a 24/7 diner! CVE-2025-3052 lets malware sneak in like it owns the place. Time to check those locks! #WindowsForum #Windows11 #SecurityFlaw https://t.co/5RmXfVCx5u
@windowsforum
11 Jul 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔐 Are centralized trust chains failing Secure Boot? CVE-2025-3052 highlights dependency flaws that Linux admins can’t afford to ignore. Here’s what IT managers need to know. #hacking #cybersec #ethicalhacking https://t.co/ro7MT58EkM https://t.co/ClBVXASSYK
@lnxsec
11 Jul 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📛 Admin access transforms Secure Boot vulnerabilities like CVE-2025-3052 & CVE-2025-47827 into catastrophic openings for attackers. These CVEs are no joke—fix them NOW! #hacking #ethicalhacking #infosec https://t.co/ro7MT58EkM https://t.co/UcpiQ8tGeH
@lnxsec
10 Jul 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔍 Secure Boot under attack! CVE-2025-3052 introduces stealthy firmware modifications, bypassing system integrity checks. IT admins, take immediate action to patch systems. #hacking #infosec #programming https://t.co/ro7MT58EkM https://t.co/9h9BstElbe
@lnxsec
4 Jul 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔑 Think all signed binaries are safe? CVE-2025-3052 proves attackers exploit tools Secure Boot inherently trusts. IT managers, rethink the assumed ‘trust’ in certificates today. #hacking #cybersec #ethicalhacking https://t.co/ro7MT58EkM https://t.co/gyydACQSXL
@lnxsec
3 Jul 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2025-3052: UEFI Secure Boot bypass vulnerability - https://t.co/qFhmqIHCBB 2. SonicDoor: Cracking SonicWall’s SMA 500 - https://t.co/UgNlveb21p 3. Windows Ancillary Function Driver (afd.sys) Race-Condition Null-Pointer Dereference - https://t.co/C5bhL19FuT 4.
@ksg93rd
30 Jun 2025
183 Impressions
1 Retweet
1 Like
2 Bookmarks
0 Replies
0 Quotes
🚨 Are Linux systems truly secure? CVE-2025-3052 reveals that even trusted binaries can disable Secure Boot protections. Learn why this is alarming for IT admins. #hacking #cybersec #linux https://t.co/ro7MT58EkM https://t.co/5e94OoQZPJ
@lnxsec
30 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
✨Alongside our commercial scanner, we're also offering a free detection tool, Binary Risk Hunt (https://t.co/UhiOyHGkO9), to assist with investigations related to the recently disclosed high-impact vulnerabilities CVE-2025-3052 and CVE-2025-427. https://t.co/ALARyvmmoq https:/
@binarly_io
26 Jun 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⛓️💥Our latest CVE-2025-3052 discovery started with a strange UEFI module on VT. Signed in 2022, uploaded in 2024, trusted by default on almost every system. ✸RE blog: https://t.co/2A9nMJ81jC ✸BRLY advisory: https://t.co/179phA2Oz2 ✸CERT/CC bulletin: https://t.co/VS
@binarly_io
20 Jun 2025
1709 Impressions
13 Retweets
13 Likes
7 Bookmarks
1 Reply
1 Quote
⚠️Vulnerabilidad en aplicación de arranque seguro UEFI ❗CVE-2025-3052 ➡️Más info: https://t.co/6XWPoHpm8N https://t.co/h5NO24EnSo
@CERTpy
18 Jun 2025
191 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-33053 2 - CVE-2025-3052 3 - CVE-2025-49113 4 - CVE-2025-33073 5 - CVE-2025-25022 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Mi Ubuntu me ha dicho que hay una actualización de firmware, concretamente de UEFI dbx (la lista de revocaciones de Secure Boot). Todo esto viene del CVE-2025-3052 (https://t.co/jylGTwjNT7) y sólo puedo dar las gracias por la rapidez en las actualizaciones de seguridad. https:
@diegolgz
15 Jun 2025
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-3052
@transilienceai
15 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Microsoft patched a major Secure Boot flaw impacting 14 modules, preventing hackers from installing bootkit malware. Update your Windows systems to protect against CVE-2025-3052 now! https://t.co/ubMYCFgYl0 https://t.co/c96pvMkSBp
@nano_fl0ra
14 Jun 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-3052
@transilienceai
14 Jun 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-3052
@transilienceai
13 Jun 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-3052
@transilienceai
12 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Secure Boot Bypass (CVE-2025-3052) Exposes Millions of Modern PCs, PoC Video Released https://t.co/dOBW7S9a22
@the_yellow_fall
12 Jun 2025
330 Impressions
2 Retweets
6 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-3052(別名BRLY-2025-001)は、MicrosoftのUEFI証明書で署名されたBIOS更新ツールに存在するメモリ破損の脆弱性であり、Secure Bootを迂回してマルウェアを起動プロセスに常駐させる深刻な脅威である。 このモジ
@yousukezan
11 Jun 2025
2531 Impressions
2 Retweets
18 Likes
2 Bookmarks
1 Reply
0 Quotes
Security Alert: A serious flaw (CVE-2025-3052) in DTResearch’s UEFI firmware, found in rugged tablets and laptops, allows hackers to bypass Secure Boot. This lets them run harmful code before the operating system starts, potentially planting malware that security tools can’t
@tony3266
11 Jun 2025
96 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
研究人员发现两个漏洞能🔓绕过 Secure Boot,微软只修复了一个😢。CVE-2025-3052是DT Research设备固件工具漏洞🛠️,微软已屏蔽。另一个CVE-2025-47827涉Linux内核模块IGEL,微软未撤销签名💔。令人绝望😭。
@touhlih
11 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Die Sicherheitslücke CVE-2025-3052 führt die ganze Secure Boot/Kernel-Level-Anticheat endgültig ab absurdum. Programmiert lieber vernünftige Erkennung anstatt Spielern euren als Anticheat getarnten Trojaner auf den PC zu werfen! @EA @goldpriester #battlefield
@SigTwit
11 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🗞️ A new Secure Boot bypass flaw (CVE-2025-3052) allows attackers to disable security and install persistent bootkit malware on most Windows systems. Microsoft has patched the vulnerability in the June 2025 Patch Tuesday—update now to protect your devices! Key takeaways:
@gossy_84
11 Jun 2025
112 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Nueva vulnerabilidad en Secure Boot (CVE-2025-3052) permite desactivar seguridad y ejecutar malware bootkit. Microsoft ya lanzó el parche, actualiza tu dispositivo hoy. #Ciberseguridad #SISAPNews https://t.co/VbJoXV5MTz
@SISAP_LATAM
11 Jun 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
新しいSecure Bootの脆弱性発見 – ブートキットマルウェアのインストールが可能に、今すぐ対策を(CVE-2025-3052) https://t.co/VefNOLV0Fj #Security #セキュリティ #ニュース
@SecureShield_
11 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3052 An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leadin… https://t.co/gRkeyRbQ6e
@CVEnew
10 Jun 2025
8 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3052 is a Secure Boot bypass affecting systems trusting Microsoft's UEFI CA 2011 certificate, enabling bootkit malware installation. Microsoft mitigated it in June 2025. #Security https://t.co/padbgQQKpJ
@Strivehawk
10 Jun 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Secure Boot vulnerability (CVE-2025-3052) allows attackers to install bootkit malware. Apply patches now to safeguard systems. [https://t.co/q8uaWxj9pc] #CyberSecurity
@threatlight
10 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical new Secure Boot flaw, tracked as CVE-2025-3052, has been unveiled, allowing attackers to disable security on devices and install bootkit malware. Stay informed and protect your systems by reading our detailed blog post. Find out more here: https://t.co/OdCCxFCxMn
@trubetech
10 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Binarly is documenting the discovery of CVE-2025-3052, a memory-corruption flaw in a Microsoft-signed UEFI module that lets attackers bypass Secure Boot and run unsigned code before the OS starts. 🔗 Full details: https://t.co/bnojn8RmsV 🛡️ Advisory: https://t.co/0D3
@binarly_io
10 Jun 2025
11215 Impressions
40 Retweets
62 Likes
24 Bookmarks
1 Reply
4 Quotes
Two Secure Boot exploits found; Microsoft patches one (CVE-2025-3052) but allows the other to remain. https://t.co/9szrMcIpMX #technology #international #news
@HivewireAI
10 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Патч для CVE-2025-3052, обнаруженный @binarly_io также будет в июньских обновлениях.
@varwar1337
8 Jun 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️ Repeated key management failures are undermining Intel Boot Guard & UEFI Secure Boot Leaked keys, debug certs & unpatched CVEs (CVE-2025-3052, CVE-2024-56161) leave millions vulnerable to bootkits & pre-OS malware Breaking news from the world &… https://t
@godeepweb
13 May 2025
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3052: Microsoft Signed UEFI Module PoC https://t.co/hPFXn66BcD https://t.co/aznVwotmX7
@freedomhack101
13 May 2025
55 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
🚨CVE-2025-3052 PoC: Microsoft Signed UEFI Module Credit: https://t.co/KjE9IUYujo https://t.co/6mxgyiXyw7
@DarkWebInformer
12 May 2025
5049 Impressions
4 Retweets
30 Likes
12 Bookmarks
0 Replies
0 Quotes