Information disclosure in Tianocore Edk2
CVE-2024-38798
EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or…
Vulnerability class: Information Disclosure
EPSS: 0.001 (2.1th percentile) — read the EPSS interpretation.
Affected products
- Tianocore Edk2 — versions 0