0.001 Low
EPSS
Percentile
25.1%
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
bugzilla.redhat.com/show_bug.cgi?id=1641433
www.cve.org/CVERecord?id=CVE-2018-3613 https://nvd.nist.gov/vuln/detail/CVE-2018-3613 https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-authenticated-variable-bypass.html