CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-14575

Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

https://bugzilla.tianocore.org/show_bug.cgi?id=1608
https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html
https://bugzilla.tianocore.org/show_bug.cgi?id=1608
https://lists.debian.org/debian-lts-announce/2021/04/msg00032.html

Products affected by CVE-2019-14575

Tianocore » Edk2 » Version: N/A

cpe:2.3:a:tianocore:edk2:-
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14575

Products

Pricing

Contact Us