CVE-2025-8860 | QEMU uefi var-service-core.c uefi_vars_write information disclosure

Inserito da Angelo Barbosa | Ago 25, 2025 | CVE

A vulnerability classified as problematic has been found in QEMU. Affected is the function uefi_vars_write of the file hw/uefi/var-service-core.c of the component uefi. Performing manipulation results in information disclosure.

This vulnerability was named CVE-2025-8860. The attack needs to be approached within the local network. There is no available exploit.

To fix this issue, it is recommended to deploy a patch.

CVE-2025-8860 | QEMU uefi var-service-core.c uefi_vars_write information disclosure

Post correlati

CVE-2025-39356 | Foodbakery Sticky Cart Plugin up to 3.2 on WordPress deserialization

CVE-2023-6340 | SonicWall Capture Client/NetExtender Client SFPMonitor.sys out-of-bounds write (SNWLID-2023-6340)

CVE-2023-52442 | Linux Kernel up to 5.15.144/6.1.52/6.4/6.4.15 smb2_get_msg Privilege Escalation

CVE-2022-32753 | IBM Security Verify Directory 10.0.0 inadequate encryption (XFDB-228444)