Information disclosure in Tianocore Edk2

CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or…

Vulnerability class: Information Disclosure

EPSS: 0.001 (2.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References