Share:

CVE-2019-11098 - Tianocore Edk Ii

July 14, 2021

Moderate 6.8

Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

Affected software

Tianocore Edk Ii

Reference links

https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.